Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 14 Dec 2011 14:43:15 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: faster Lotus5 hash cracking (was: JtR CUDA ????)

On Wed, Dec 14, 2011 at 06:06:15PM +0800, Gu George wrote:
> After reading your reply, I still have another question:
> 
> For Lotus5 format, how to configure John ONLY to carck the hashes more than
> 8 digits and/or lower case characters.

Trying to match a corporate policy?  That's probably not a good idea.

My suggestion is that you use more wordlists with more rules.
Try all.lst from:

http://download.openwall.net/pub/wordlists/

Try leaked password lists from:

http://www.skullsecurity.org/wiki/index.php/Passwords
http://dazzlepod.com/disclosure/
http://contest-2010.korelogic.com/wordlists.html

For a larger ruleset, try the --rules=single option.

Also, try things such as --external=Keyboard, --external=Repeats (this
one is almost instant), and --external=Subsets.

To answer your question more directly, to have incremental mode try
alpha-numeric strings longer than 8 characters, you have to modify
params.h, rebuild John from source, generate a new .chr file, and use
that.  This will work for lengths up to 10:

http://www.openwall.com/lists/john-users/2011/12/07/10
http://www.openwall.com/lists/john-users/2007/07/04/6

So you may then have one instance of John doing length 9 and another
doing length 10.

For other cracking modes, the above is not needed.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.