Date: Tue, 13 Nov 2012 09:54:28 -0500 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: How does incremental mode works? On Tue, Nov 13, 2012 at 8:44 AM, Richard Miles <richard.k.miles@...glemail.com> wrote: > These links helped me a lot. It's very interesting, suppose that I have a > custom list of words already with some manipulation for a custom target, is > there anything that I may do to use it with jTr that will give me better > results in comparison with default incremental mode? Examples are welcome. Not sure, I'm just an ordinary guy who audits using JtR. You can easily make your own CHR file, just put the words into a file called john.pot or use the --pot=filename.here along with the ---make-charset=custom.chr http://www.openwall.com/lists/john-users/2006/01/19/8 > I was reading this thread and I found this link ( > https://twitter.com/hashcat/status/239636316499869696/photo/1/large), do > you know where is jTr in comparison in this chart? Hashcat and JtR are a bit different still, GPU vs CPU for most hashes, each has it's strengths. > Also, I found this nice project (http://thepasswordproject.com/passpal), is > there a way to "integrate" passpal to create more robust rules based on my > targeted wordlist already manipulated to generate more strong candidates > for jTr in incremental mode or similar? I don't know, I do know that tool and others were used in the CMIYC contest (more below), and it's been mentioned here recently: http://www.openwall.com/lists/john-users/2012/07/17/3 > My main concern is not run two different instances of jTr to test basically > the same thing, so I would like to try avoid as much as possible repeat > candidate passwords, however, since the output wordlist may be huge the > cost to do sort and uniq may be too unacceptable. Incremental mode does not repeat, or it tries very hard not to, other modes however are more prone to repeating and unique isn't going to keep that from happening. Certain wordlist rules will produce the same candidates even if the words are all unique. This isn't that big a deal, when doing an audit I know I produce the same candidates, but I also produce enough different one's that it's worth it. If you run JtR simultaneously on two different computers, and there are repeats I find it's not wasting as much time. > This guy called atomu looks very brilliant, but he also looks very > arrogant. Anyway, I impressed by what he claimed and the results. One thing > that called my attention is that appear to be agreed between this guy and > solar d. that their mask filters are more efficient in comparison with > current jTr incremental mode. Is it correct? Is there a workaround or > something similar to archive similar results with jTr? I'm sure he is both of those things, you probably have to be, but "type" doesn't always convey the proper "tone" unless you go out of your way, especially when you're responding quickly, off the cuff if you will. JtR and oHC (among others)duke it out every year at a defcon contest called crackmeifyoucan: http://contest-2012.korelogic.com/ http://contest-2011.korelogic.com/ http://contest-2010.korelogic.com/teams.html I personally don't feel that one tool is head and shoulders above another, it's your experience and cunning using them the best way possible. Again I can't crack rot-13, nor program it, (tr a-z n-a:) but the folks working on these projects are brilliant and they are much better at these things than I. Maybe they will respond soon as well. -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.