Date: Fri, 25 Feb 2011 13:00:15 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Insert word between words On Fri, Feb 25, 2011 at 10:19:49AM +0100, websiteaccess@...il.com wrote: > As you know my wordlist is very large (64 gigas, I can't edit it and > repair malformed lines if exists), sometimes and I don't know why JTR > freeze As I had explained to you before, JtR will appear to freeze for a while when a rule rejects all input words (or at least a large consecutive portion of the wordlist). Reading those gigabytes from disk takes time. > Is a line of my wordlist malformed ? No idea. Maybe. But this has nothing to do with the freeze (unless you have many megabytes of malformed lines in a row). > With ")c" I try to check the last character is class c (a-z) and not > something weird Then you should be using ")?c" (refer to class "c") rather than ")c" (refer to the literal character "c"). Also, class "c" is not a-z, but rather it's all consonants, both lower- and upper-case. For a-z (lowercase only), use ")?l". For all letters (also uppercase), use ")?a". All of this is in the documentation. > to avoid freeze, but it do not works really. :( It won't help you avoid freeze. On the contrary, it will make JtR reject more input words, making a possible freeze more likely. > an other thing : rule is "'6 /[ ] Dp X6zz Ap,me," > cracked pass = "textme", "swapme", "minime", seems word+"me" and not > word+me+word :-/ , it should not happens. I think you made a wrong conclusion. My guess is that those passwords got cracked because you had words "text", etc. in your wordlist followed by single space characters (and then nothing). You probably also had them followed by space characters and then other words, but passwords of the form word+me+word are simply both a lot less common and a lot harder to crack. It is not surprising that simpler passwords get cracked first. Overall, I think that your approach is wrong. I would not be applying mostly-skipping rules to a wordlist this large - you waste too much time in disk reads by doing so. You can in fact "edit" your large wordlist, producing several smaller ones from it. You can use JtR itself for such filtering. Then use those smaller wordlists with simpler rules that would not need to skip anything. For example, you can have a separate wordlist containing only word pairs and only those where the first word is of a specific length (if you like to apply a restriction like that). Such a wordlist will be a lot quicker to apply further rules to. I hope this helps. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.