Date: Tue, 13 Nov 2012 07:44:33 -0600
From: Richard Miles <>
Subject: Re: How does incremental mode works?

Hi Rich

Thanks for your answer, much appreciated.

These links helped me a lot. It's very interesting. Suppose that I have a
custom list of words, already with some manipulation for a custom target: is
there anything that I can do to use it with jTr that will give me better
results in comparison with the default incremental mode? Examples are welcome.

I was reading this thread and I found this link (, do
you know where jTr is in comparison in this chart?

Also, I found this nice project (, is
there a way to "integrate" passpal to create more robust rules based on my
targeted wordlist, already manipulated, to generate stronger candidates
for jTr in incremental mode or similar?

My main concern is not to run two different instances of jTr to test basically
the same thing, so I would like to avoid repeating candidate passwords as much
as possible. However, since the output wordlist may be huge, the
cost of doing sort and uniq may be unacceptable.

This guy called atomu looks very brilliant, but he also looks very
arrogant. Anyway, I am impressed by what he claimed and the results. One thing
that caught my attention is that it appears to be agreed between this guy and
solar d. that their mask filters are more efficient in comparison with the
current jTr incremental mode. Is it correct? Is there a workaround or
something similar to achieve similar results with jTr?


On Mon, Nov 12, 2012 at 1:54 PM, Rich Rumble <> wrote:

> On Mon, Nov 12, 2012 at 2:20 PM, Richard Miles <> wrote:
> > Hi all
> >
> > I see that default incremental option is not a sequential brute force. Can
> > someone please give me details about how it works and how password
> > candidates are generated and selected?
> Read the MODES documentation:
> Basically JtR is trying more likely candidates based on a certain
> dataset using Tri-graph frequencies (or some such:). You can "train"
> your chr files to suit the hashes you're cracking and possibly get
> even better results... If you're auditing a company and a product or
> brand name appears in people's passwords, creating a custom chr file
> may be a good idea, as those letters/characters are showing up more
> frequently and might get hashes to fall faster in that instance. If
> you then used that same custom chr file against another list from a
> different source, your results will probably be very poor. Incremental
> mode is limited to 8 character places, but can be made longer.
> (custom chr)
> More Info
> > Also, I see that OCL hashcat has a similar feature which also give us good
> > results. Is there any kind of comparison between the two modes used? Which
> > one is more effective? Or downside and upsides for jTr and OCL hashcat?
> Maybe this Reddit article addresses some of that, I dunno.
>    With JtR's incremental mode, every character is determined by
> {length, position, previous two characters}.
> The above is from
> -rich
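
An added illustration, not part of the original thread and not JtR's own code or .chr format: a toy frequency model conditioned on the tuple quoted above, {length, position, previous two characters}, used from the auditing side to score how predictable a password is relative to a training list. The training list, the function names and the add-one smoothing are assumptions made for this example.

```python
import math
from collections import Counter, defaultdict

# Constructed sample standing in for passwords seen in one audited
# organisation (brand name "acme" recurring, as in the reply above).
TRAINING = ["acme2012", "acme1234", "acmecorp", "password",
            "passw0rd", "pass1234", "summer12", "winter12"]

PAD = "\x00"  # stands in for the "previous two characters" at positions 0 and 1


def train(words):
    """Count next-character frequencies per (length, position, prev two chars)."""
    counts = defaultdict(Counter)
    for word in words:
        padded = PAD * 2 + word
        for pos, ch in enumerate(word):
            context = (len(word), pos, padded[pos:pos + 2])
            counts[context][ch] += 1
    return counts


def predictability_bits(model, password, alphabet_size=95):
    """-log2 of the password's probability under the model.

    Fewer bits means a frequency-ordered guesser trained on similar
    data would reach it sooner. Add-one smoothing (an assumption of
    this sketch) keeps unseen characters from having zero probability.
    """
    padded = PAD * 2 + password
    total = 0.0
    for pos, ch in enumerate(password):
        context = (len(password), pos, padded[pos:pos + 2])
        seen = model.get(context, Counter())
        prob = (seen[ch] + 1) / (sum(seen.values()) + alphabet_size)
        total -= math.log2(prob)
    return total


def most_predictable_first(model, passwords):
    """Order passwords from most to least predictable under the model."""
    return sorted(passwords, key=lambda p: predictability_bits(model, p))


MODEL = train(TRAINING)

if __name__ == "__main__":
    for pw in most_predictable_first(MODEL, ["xq7#Lm2v", "acme2013", "acme2012"]):
        print(f"{pw!r}: {predictability_bits(MODEL, pw):.1f} bits")
```

A password that follows the organisation's habits scores markedly lower than an unrelated string of the same length, and the same model scored against a list from a different source loses that advantage, which matches the reply's point about custom chr files.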
