Message-ID: <BLU159-W208B44BCCC42C586DE2396A4900@phx.gbl>
Date: Sun, 1 Jan 2012 15:55:26 +0000
From: Alex Sicamiotis <alekshs@...mail.com>
To: <john-users@...ts.openwall.com>
Subject: RE: John as a wordlist creator

> >
> > for example
> >
> > guesses: 2 time: 0:00:21:43 7% c/s: 7991K trying: Alex2194 - Alekshs2
> > guesses: 2 time: 0:00:22:48 7% c/s: 8006K trying: Giannis2 - Giannhs2
> > guesses: 2 time: 0:00:23:17 7% c/s: 8008K trying: Alex2521 - Alekshs2
> >
> > Alekshs2 appeared a few hundred times, and that means it has been tried a few million times :P
> >
> This is caused by the hash type being limited to password length 8, and
> the rules you used were not taking this into account.
>
> I guess the rules appended 4 digits (possibly after capitalizing the word).
>

Yep... it was in the XXXX digits added.

> So, with more sophisticated rules you can reduce the risk of producing
> duplicate password candidates.
> (You can not avoid duplicates, because this also depends on your input
> word list. If you have a rule which replaces all vowels with '*',
> different input words can be converted into the same password candidate.)
>
> Regards,
> Frank

Basically, and despite seeing that many KoreLogic rules were potentially overlapping, I merged all of them under a single entry, using them with a self-compiled list of common Greek names. The rule list was pretty extensive so the thought of tweaking each rule was not really contemplated - I chose to waste CPU time, instead of my time.... Thus I used the ruleset for a few names, and it threw up something like 15-20 passwords within a couple hours. As it proved, they were mostly names+initials of surnames attached, plus some kind of twist, like birthyear, a symbol or a number. This then gave me some more ideas about extracting rules from the ruleset, modifying them and applying it in a much more limited fashion than 10 million rules.

One of the funnier things is, when I tried to copy the john directory to another directory to try something new (I have like 50 or 60 directories of john, each with different .confs, chrs etc - I'm starting to lose track of what I'm doing in each one) and it was more than 1 gig... I was like "hmm, what happened?"... then I realised that the ruleset was so enormous that it was generating GIGABYTES in john.log, heh. Thanks for the tips.
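
Added example (not part of the original message, and not John the Ripper code): a small Python model of the duplicate effect described in the quoted reply, where a "capitalize, then append 4 digits" rule meets a hash type limited to 8 characters. The word list and all function names are constructed for illustration; the length-aware variant is one possible way to avoid the wasted candidates.

```python
from itertools import product

MAX_LEN = 8  # length limit of the hash type discussed in the thread

def append_digits(word, n):
    """Capitalize the word and append every n-digit suffix."""
    base = word.capitalize()
    return [base + "".join(d) for d in product("0123456789", repeat=n)]

def naive(words):
    """Always append 4 digits; the hash then ignores everything past MAX_LEN."""
    return [c[:MAX_LEN] for w in words for c in append_digits(w, 4)]

def length_aware(words):
    """Append only as many digits (at most 4) as still fit within MAX_LEN."""
    out = []
    for w in words:
        room = max(0, MAX_LEN - len(w))
        out.extend(c[:MAX_LEN] for c in append_digits(w, min(4, room)))
    return out

def summary(candidates):
    """Return (number tried, number distinct)."""
    return len(candidates), len(set(candidates))

WORDS = ["alex", "alekshs", "giannis", "giannhs"]  # constructed sample input

if __name__ == "__main__":
    print("naive       :", summary(naive(WORDS)))
    print("length-aware:", summary(length_aware(WORDS)))
```

Both variants cover the same set of effective candidates; the naive one simply tests each 7-letter name with the same trailing digit a thousand times over.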