Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 31 Dec 2011 14:12:50 +0000
From: Alex Sicamiotis <alekshs@...mail.com>
To: <john-users@...ts.openwall.com>
Subject: John as a wordlist creator


I downloaded some extra rules that I merged in john.conf, and while they increased the cracking efficiency,

a) they were very time consuming (it's to be expected)
b) they had significant overlap due to mangled worlds appearing the same

for example

guesses: 2  time: 0:00:21:43 7%  c/s: 7991K  trying: Alex2194 - Alekshs2
guesses: 2  time: 0:00:22:48 7%  c/s: 8006K  trying: Giannis2 - Giannhs2
guesses: 2  time: 0:00:23:17 7%  c/s: 8008K  trying: Alex2521 - Alekshs2

Alekshs2 appeared a few hundred times, and that means it has been tried a few million times :P

So that wastes CPU time in DES-cracking... and I was thinking, what if I JtR could be run with something like

./john -w:wordlist.txt -rules -create_wordlist:wordlist2.txt

in which, "-create_wordlist" would essentially be a new wordlist, consisting of the given worldlist + rules.

Then a sort/uniq is in order to eliminate duplicates. Ideally this could be done by JtR.

Theoretically, such a feature shouldn't be hard to implement and I can imagine a few cases where it might be useful:

A) Too many rules / too many duplicate words from mangling efforts
B) Creating a wordlist so that it can feed a GPU (from what I've read, the GPU is best at processing, rather than generating words)
C) For slow hashes like Blowfish, the sharing of workload could be easier by assigning parts of the wordlist to, say, 100 people. This would require something like

1) ./john -w:wordlist.txt -rules -create_wordlist:wordlist2.txt
2) sort + uniq on wordlist2.txt
3) a wordlist division tool that will divide the end wordlist to N members (or N threads on a cluster?) 		 	   		  

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.