Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Nov 2012 09:54:28 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: How does incremental mode works?

On Tue, Nov 13, 2012 at 8:44 AM, Richard Miles
<richard.k.miles@...glemail.com> wrote:
> These links helped me a lot. It's very interesting, suppose that I have a
> custom list of words already with some manipulation for a custom target, is
> there anything that I may do to use it with jTr that will give me better
> results in comparison with default incremental mode? Examples are welcome.
Not sure, I'm just an ordinary guy who audits using JtR. You can
easily make your own CHR file, just put the words into a file called
john.pot or use the --pot=filename.here along with the
---make-charset=custom.chr
http://www.openwall.com/lists/john-users/2006/01/19/8

> I was reading this thread and I found this link (
> https://twitter.com/hashcat/status/239636316499869696/photo/1/large), do
> you know where is jTr in comparison in this chart?
Hashcat and JtR are a bit different still, GPU vs CPU for most hashes,
each has it's strengths.

> Also, I found this nice project (http://thepasswordproject.com/passpal), is
> there a way to "integrate" passpal to create more robust rules based on my
> targeted wordlist already manipulated to generate more strong candidates
> for jTr in incremental mode or similar?
I don't know, I do know that tool and others were used in the CMIYC
contest (more below), and it's been mentioned here recently:
http://www.openwall.com/lists/john-users/2012/07/17/3

> My main concern is not run two different instances of jTr to test basically
> the same thing, so I would like to try avoid as much as possible repeat
> candidate passwords, however, since the output wordlist may be huge the
> cost to do sort and uniq may be too unacceptable.
Incremental mode does not repeat, or it tries very hard not to, other
modes however are more prone to repeating and unique isn't going to
keep that from happening. Certain wordlist rules will produce the same
candidates even if the words are all unique. This isn't that big a
deal, when doing an audit I know I produce the same candidates, but I
also produce enough different one's that it's worth it. If you run JtR
simultaneously on two different computers, and there are repeats I
find it's not wasting as much time.

> This guy called atomu looks very brilliant, but he also looks very
> arrogant. Anyway, I impressed by what he claimed and the results. One thing
> that called my attention is that appear to be agreed between this guy and
> solar d. that their mask filters are more efficient in comparison with
> current jTr incremental mode. Is it correct? Is there a workaround or
> something similar to archive similar results with jTr?
I'm sure he is both of those things, you probably have to be, but
"type" doesn't always convey the proper "tone" unless you go out of
your way, especially when you're responding quickly, off the cuff if
you will. JtR and oHC (among others)duke it out every year at a defcon
contest called crackmeifyoucan: http://contest-2012.korelogic.com/
http://contest-2011.korelogic.com/
http://contest-2010.korelogic.com/teams.html
I personally don't feel that one tool is head and shoulders above
another, it's your experience and cunning using them the best way
possible. Again I can't crack rot-13, nor program it, (tr a-z n-a:)
but the folks working on these projects are brilliant and they are
much better at these things than I. Maybe they will respond soon as
well.

-rich

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.