Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Nov 2012 14:54:16 -0500
From: Rich Rumble <>
Subject: Re: How does incremental mode works?

On Mon, Nov 12, 2012 at 2:20 PM, Richard Miles
<> wrote:
> Hi all
> I see that default incremental option is not a sequential brute force. Can
> someone please give me details about how it works and how password
> candidates are generated and selected?
Read the MODES documentation:
Basically JtR is trying more likely candidates based on a certain
dataset using Tri-graph frequencies (or some such:). You can "train"
your chr files to suit the hashes you're cracking and possibly get
even better results... If your auditing a company and a product or
brand name appears in peoples passwords, creating a custom chr file
may be a good idea, as those letters/characters are showing up for
frequently and might get hashes to fall faster in that instance. If
you then used that same custom chr file against another list from a
different source, your results will probably very poor. Incremental
mode is limited to 8 character places, but can be made longer. (custom chr)
More Info

> Also, I see that OCL hashcat has a similar feature which also give us good
> results. Is there any kind of comparison between the two modes used? Which
> one is more effective? Or downside and upsides for jTr and OCL hashcat?
Maybe this Reddit article addresses some of that, I dunno.

   With JtR's incremental mode, every character is determined by
{length, position, previous two characters}.
The above is from


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.