Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 10 May 2011 07:21:44 +0200
From: Simon Marechal <>
Subject: Re: Supercharged John the Ripper Techniques by Rick
 Redman of KoreLogic

Le 09/05/2011 21:18, Per Thorsheim a écrit :
> Could such statistics based on several generations of passwords from
> live corporate environments be used to create hybrid wordlists, where we
> take an ordinary wordlist and mangle every word with edit-distance
> metrics applied up to a maximum value, in order to "predict your next
> password?". Could this be effective? Would it create smaller and/or more
> effective hybrid lists (rules)?

This is a hard problem. It has been discussed a bit in the list with the
subject "Automatic Rule Generation (was GSoC 2011)", and I documented a
little bit what I did here :

But if somebody managed to come up with an effective edit distance (and
thus shortest mutation path) for a password to a dictionnary, that would
be a huge step (though not the end, as longer mutation pathes could be
more relevant).

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.