Date: Fri, 12 Nov 2010 15:41:06 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Wordlist Mangling Rule On Mon, Nov 08, 2010 at 06:59:28PM +1300, Al Grant wrote: > The rule was more designed around the assumption that most residential AP's > protected with WPA etc > Probably have a 8 character or shorter word, possibly beginning with a > capital, and if not 8 digits then made > To come to 8 by adding the appropriate number of digits, probably 123 etc. This makes some sense. > Do that make a rule any simpler to generate? Your explanation of the rationale does not change the assumption you wanted to encode in the rules, so the answer is no - the same rules I had posted earlier are the ones to use to implement your assumption: > [List.Rules:Wordlist] > -\r[c:c] <B >7 \p[clu] > -\r[c:c] <8 >6 \p[clu] $[0-9] > -\r[c:c] <7 >5 \p[clu] Az"[0-9][0-9]" > -\r[c:c] <6 >4 \p[clu] Az"[0-9][0-9][0-9]" > -\r[c:c] <5 >3 \p[clu] Az"[0-9][0-9][0-9][0-9]" > > This includes some extra complexity to deal with case-insensitive hashes > optimally. If you don't need that, or if you're using an older version of > JtR that does not understand the '\r' flag, you can simplify to: > > <B >7 [clu] > <8 >6 [clu] $[0-9] > <7 >5 [clu] Az"[0-9][0-9]" > <6 >4 [clu] Az"[0-9][0-9][0-9]" > <5 >3 [clu] Az"[0-9][0-9][0-9][0-9]" > > There's no performance difference between these two with case-sensitive > hashes, but the first one is up to 3x faster for case-insensitive. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.