Date: Mon, 08 Aug 2011 12:15:08 +0200 From: magnum <rawsmooth@...dband.net> To: john-users@...ts.openwall.com Subject: Unicode DumbForce I just uploaded "0004-Dumb16-UCS-2-and-Dumb32-Unicode-external-modes-added.patch" to the wiki, that adds two external modes to john.conf: * Dumb16 tries all allocated codepoints in the UCS-2 part of Unicode 6.0 (there are 15801 of them) and outputs them as UTF-8. * Dumb32 tries all allocated codepoints in Unicode 6.0 (there are 23296 of them) and outputs them as UTF-8. Note that our current NT and mscash1 formats only supports UCS-2 so using Dumb32 against them is just a waste. For Unicode formats (like NT), use with -enc=utf8 (or just -utf8 for John versions from 1.7.7 Jumbo-5 and prior to 1.7.8 Jumbo-5). For 8-bit formats (hashes actually made from UTF-8) you don't need such options and in this case you can use these modes with much older versions of JtR. These are meant for narrowing in on a codepage for Unicode hashes, or for experimenting/debugging or just understanding how mindbogglingly huge the Unicode space is when brute forcing: For example, using Dumb16 we can exhaust 3 characters for NT in a couple of weeks, but a 4th character would take 500 years. Using Dumb32 it would be thousands of years. The external engine becomes a bottleneck when attacking very fast hashes, NT speed (using -enc=utf8) decreases from ~21000K to just ~3500K for me when running dumb16. But if you're lucky you'll crack a very short password and this might help in choosing wordlists and encodings for further, non-dumb cracking. Another option, of course, is to comment out parts of the character definitions for attacking a certain part of the space. The mode definitions are long. Like already discussed, we need some sort of #include for john.conf. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.