Date: Tue, 10 May 2011 07:21:44 +0200 From: Simon Marechal <simon@...quise.net> To: john-users@...ts.openwall.com Subject: Re: Supercharged John the Ripper Techniques by Rick Redman of KoreLogic Le 09/05/2011 21:18, Per Thorsheim a écrit : > Could such statistics based on several generations of passwords from > live corporate environments be used to create hybrid wordlists, where we > take an ordinary wordlist and mangle every word with edit-distance > metrics applied up to a maximum value, in order to "predict your next > password?". Could this be effective? Would it create smaller and/or more > effective hybrid lists (rules)? This is a hard problem. It has been discussed a bit in the list with the subject "Automatic Rule Generation (was GSoC 2011)", and I documented a little bit what I did here : http://en.wordpress.com/tag/mangling-rules-generation/ But if somebody managed to come up with an effective edit distance (and thus shortest mutation path) for a password to a dictionnary, that would be a huge step (though not the end, as longer mutation pathes could be more relevant).
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.