Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 25 Apr 2010 12:32:16 +0400
From: Solar Designer <>
Subject: Re: Re-ordered 'Single Mode' Ruleset

On Sun, Apr 25, 2010 at 04:11:31AM -0400, Matt Weir wrote:
> The training and cracking sessions were run against different sets of one
> million passwords each, even though both of them came from the same
> disclosed list, (that's the amazing thing about having a list of 32 million
> passwords). I posted another blog entry showing the ruleset being run
> against two other password lists, (the list and the MySpace list).
> The short answer is that the re-ordered rules performed slightly better than
> the original single rule-set against the list, and significantly
> better, (in the first 500 million guesses), against the MySpace list. The
> post, along with the corresponding graphs, can be viewed at the following
> link:

Yes, you used a decent approach.  I am convinced now.  Thank you!

Perhaps the "single crack" ruleset included with JtR should be
re-ordered in a similar way, although this would require
additional/different testing (based on usernames and GECOS info, and
also for truncating hash types).


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.