Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 6 Aug 2012 07:34:29 +0400
From: Solar Designer <>
Subject: Re: Distributed and Decrementing Dumb External modes

On Sun, Aug 05, 2012 at 01:14:41AM -0400, Rich Rumble wrote:
> I've got a dumb question about "dumb" external modes, and as I type I
> think I'm finding the answer form before I get to the question... Is
> it possible to have a dumb force mode, let's say it's a-z 0-9/s
> (alnum+space) to 8 chars, to have it start at "ccccccc" on pc-2
> (node?) and have pc-3 start at "dddddddd"... I'm thinking of this very
> manually and I'm sure just using NODE is better. If I have 37 pc's (or
> threads), I suppose that splits the load up pretty evenly using
> "-node1/37" etc,

As you're aware, the --node option does not exist in any released
version of JtR yet. ;-)  Where it does exist, it is currently slow with
external modes (so is only usable on slow/salted hashes), but is fast
with incremental mode (so you could use that instead - which would be
better for other reasons anyway).

> is it also possible to do it "manually" anyway?  :)

Of course.  Attached are 4 revisions of the DumbForce external mode.
These demonstrate what you need.  They differ in a few lines only.

> I've seen some of this (last) used in knownforce, but I'm still unsure
> how I'd specify "cccccccc" as the position to start with.

I think it'd be more convenient and simpler to start at "caaaaaaa", etc.
instead.  This is what I implemented in the attached samples.

For example, DumbForce-az8 searches "aaaaaaaa" through "zzzzzzzz", and
it starts at "aaaaaaaa".  However, DumbForce-az8-b starts at "baaaaaaa"
and DumbForce-az8-c starts at "caaaaaaa".

Here's how they differ in terms of code.  DumbForce-az8 to DumbForce-az8-b:

	last = minlength - 1;
-	i = 0;
+	word[0] = charset[id[0] = 1];
+	i = 1;
	while (i <= last) {
		id[i] = 0;
		word[i++] = c0;

(one line edited, one line added).

DumbForce-az8-b to DumbForce-az8-c:

-	word[0] = charset[id[0] = 1];
+	word[0] = charset[id[0] = 2];

(one number edited).

By starting with the KnownForce sample (instead of DumbForce), we could
fix the starting character - e.g., have the run starting at "baaaaaaa"
terminate after trying "bzzzzzzz" rather than proceed to "caaaaaaa" and
on like DumbForce-az8-b does.  But it was your choice to only specify
the starting string and to base these on DumbForce, so this is what I
demonstrated in these samples.

BTW, the starting/current password for DumbForce, KnownForce, and some
other external modes may also be specified by interrupting, editing the
.rec file (you only need to edit the password itself, not any numbers),
and restoring - although that's a hack.

> And since it's late(for me), and I'm into asking "dumb" questions,
> this one has to be simple, and forgive me for not knowing it, but
> let's say, I want to have two computers run digits only, out to 10
> chars. I want pc-1 to start at 0000000000 (incrementing) and pc-2 to
> start at 9999999999 (decrementing) so they meet in the middle, it may
> be hard to stop them both at 5555555555 so that is not a big deal to
> me. I've not tried it, but do I just swap 0 for 9? or do I just use -1
> instead of +1, maybe both, c = '9' - 1 while c = 0 and that will be
> the decrementing one? Perhaps it's i-- or c-- ?

The attached DumbForce-za8 sample should get you started.  Here's how it
differs from DumbForce-az8:

  * This defines the character set.
	i = 0;
-	c = 'a';
-	while (c <= 'z')
-		charset[i++] = c++;
+	c = 'z';
+	while (c >= 'a')
+		charset[i++] = c--;

To use digits instead of letters, replace 'a' with '0' and 'z' with '9'.


View attachment "DumbForce-az8" of type "text/plain" (1453 bytes)

View attachment "DumbForce-az8-b" of type "text/plain" (1486 bytes)

View attachment "DumbForce-az8-c" of type "text/plain" (1486 bytes)

View attachment "DumbForce-za8" of type "text/plain" (1454 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.