Date: Sun, 25 Apr 2010 12:32:16 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Re-ordered 'Single Mode' Ruleset On Sun, Apr 25, 2010 at 04:11:31AM -0400, Matt Weir wrote: > The training and cracking sessions were run against different sets of one > million passwords each, even though both of them came from the same > disclosed list, (that's the amazing thing about having a list of 32 million > passwords). I posted another blog entry showing the ruleset being run > against two other password lists, (the phpbb.com list and the MySpace list). > The short answer is that the re-ordered rules performed slightly better than > the original single rule-set against the phpbb.com list, and significantly > better, (in the first 500 million guesses), against the MySpace list. The > post, along with the corresponding graphs, can be viewed at the following > link: > > http://reusablesec.blogspot.com/2010/04/optimizing-jtrs-single-mode-follow-up.html Yes, you used a decent approach. I am convinced now. Thank you! Perhaps the "single crack" ruleset included with JtR should be re-ordered in a similar way, although this would require additional/different testing (based on usernames and GECOS info, and also for truncating hash types). Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.