Date: Sat, 27 Feb 2010 14:52:18 +0100 From: "Magnum, P.I." <rawsmooth@...dband.net> To: john-users@...ts.openwall.com Subject: Wordlist + single I got this idea. I haven't seen it being discussed earlier. Currently we have these two ways (among others) of producing candidates: - Single mode will use 'user info' but not a wordlist - Wordlist mode will use a wordlist but the 'user info' is unavailable How about combining that? In its simplest form, that is wordlist rules (or variables?) that has knowledge of the current user name (and possibly gecos info etc). So if I have this hash: root:$1$somesalt$im/T9r/sZVwtKkFKFArym.:0:0:Super User:: Combining the word 'pass' from a wordlist with the user info, a rule could construct password candidates like rootpass, passSuper, SuperUserpass and so on (by the way I actually thought this example hash would be cracked in seconds by a default install anyway, but it doesn't). I believe this would prove very powerful but I realize it might be non-trivial to implement at this point. Maybe it would be hard to accomplish without loosing performance? Hopefully that could be mitigated by having this as an optional functionality, or maybe even a separate new cracking mode. Just a thought. thanks MPI
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.