Date: Tue, 01 Mar 2011 10:28:47 +0100 From: bartavelle <bartavelle@...il.com> To: john-users@...ts.openwall.com Subject: Re: Automatic Rule Generation (was GSoC 2011) On 28/02/2011 23:05, Matt Weir wrote: > That's why I eventually moved to using probabilistic context free > grammars to model user behavior and generate my rules. I know of your approach and find it highly interesting, and I believe it would probably have all advantages of the current markov generator (given that the viterbi algorithm seems to be applicable) while being a lot more targeted, and effective. Also, implementations for rainbow tables are to be considered. It might, as you mentionned, add much overhead, but I would not be too concerned about this. There are however two glaring issues with it : * no reliable/fast code in a major cracking tool exists * it will probably be horrible on GPUs That's why I went with this approach of working with only known tools mutation techniques : JtR is reliable and oclHashcat is really effective on GPUs. > I haven't done that yet. In all honesty I should probably revisit that > and directly integrate the guess generator into JtR, but that's low on > my to-do list, (watching season 1 of Heros is much higher). I believe it would be much more profitable to work on your code. This show is horrible ! > All in all, the whole project is still in the proof of concept stage, > (despite me working on it over a number of years), and there's a > million problems with it, which is why I'm so interested in your ideas > and results Bartavelle ;) This is another thing that makes my approach somehow viable for someone not keen on long term support : if it even outputs a not too bad ruleset at one point, it will be possible to use it in reliable tools, even if the original code rots :)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.