Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 29 Mar 2012 10:44:34 -0500
From: jmk <>
Subject: Re: Simple John Rules Example

On Thu, 2012-03-29 at 15:30 +0400, Solar Designer wrote:
> On Wed, Mar 28, 2012 at 04:01:07PM -0500, jmk wrote:
> > I just started playing with John rules and I'm thoroughly confused. I'm
> > attempting to simply try different combinations of vowel removal. For
> > example, if my dictionary contains "bonkers", I'd like to test bonkers,
> > bnkers, bonkrs, and bnkrs. I can purge all vowels with "@?v", but that
> > isn't what I'm looking for. I can remove the first vowel with "/?v Dp
> > Q", but that isn't right either.
> You can use something like this:
> %4?v Dp %3?v D[p*] %2?v D[p*] /?v D[p*]
> %3?v Dp %2?v D[p*] /?v D[p*]
> %2?v Dp /?v D[p*]
> /?v Dp
> This example works for words with up to 4 vowels (you can easily expand
> it to work for up to 5, etc.)  Unfortunately, it is somewhat inefficient:
> many of the rules produced after preprocessor expansion will happen to
> reject many of the input words.  The rules are currently such that each
> rule can produce at most one candidate password from one input word, so
> in order to have multiple candidate passwords per input word we have to
> use multiple rules (or have them generated with the preprocessor like
> in the example above - those square brackets do it).

Thanks for the example rules! If you don't mind, I have a few questions
to help me understand them better:

- Am I correct to assume the "*" in "[p*]" works as a toggle, causing
the rule to produce candidate passwords with both the character at that
position and it removed?

- I'm assuming the rules are processed left to right, correct? With the
rule "%2?v Dp /?v D[p*]" and the input word of "boat", the whole word is
processed by the first part of the rule. After that, the second part of
the rule is looking at just "at".

- If I wanted to add "y" in as a vowel, it appears it is not as simple
as just replacing "?v" with "[aeiouy]". Is that correct?

- Does the order of rules matter? I see you went from 4 vowel words down
to 1. Would the reverse order be any different?

- I'm playing with expanding these rules to capitalize the first letter
and append digits/symbols. If I have 7 different append rules (1-4
digits, 1-3 digits + 1 symbol), I'm looking at 28 total rules (4 vowel x
7 append), right? For example:

%3?v [c] Dp %2?v D[p*] /?v D[p*] Azq[0-9][0-9][!$@...^&()_+\-={}|[\]\
\;'":,/<>?`~*]q <+
%3?v [c] Dp %2?v D[p*] /?v D[p*] Azq[0-9][0-9][0-9][!$@...^&()_
+\-={}|[\]\\;'":,/<>?`~*]q <+
%2?v [c] Dp /?v D[p*] Azq[0-9]q <+
%2?v [c] Dp /?v D[p*] Azq[0-9][0-9]q <+

Thanks for your time.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.