Date: Wed, 14 Nov 2012 20:54:09 -0500 From: "Matt Weir" <cweir@...edu> To: <john-users@...ts.openwall.com> Subject: RE: How does incremental mode works? >> It would be interesting to (also) compare Markov and Incremental when trained from the exact same dataset. >> Incremental should be better then, getting rid of more candidates early on. Here you go. I wrote this up a couple of years ago so some of the statements, (such as Markov mode causing segfaults), no longer are true but the head to head comparisons between Markov and Incremental modes should still be accurate unless Solar updated Incremental since then. http://reusablesec.blogspot.com/2009/11/analysis-of-10k-hotmail-passwords-pa rt.html http://reusablesec.blogspot.com/2010/01/analysis-of-10k-hotmail-passwords-pa rt.html I admit, I still tend to favor Incremental mode simply because I'm normally too lazy to calculate how long I want it to run and I don't want to check in on it every day to see if I need to restart a session with a different bottom/top probability limit. Yes, I could script something to automatically do that for me, but let me refer to my lazy comment again ;p Last night I started to do a similar comparison between JtR's bruteforce modes and Hashcat's Bruteforce++ mode but who knows if I'll ever get around to finishing that comparison... As a quick overview Hashcat's statsprocesser, (which is used in Bruteforce++) started out, (aka back in version 0.01), resembling JtR's Markov mode, but the current version is much more like Incremental mode. I don't know the under the hood mechanisms of exactly how it generates its guesses though. This is probably a good time to say that you can use JtR's modes with Hashcat and Hashcat's modes with JtR. Aka both JtR and Hashcat allow you to pipe in guesses from other programs. JtR allows you to pipe out guesses directly (using the -stdout option), and Hashcat has the statsprocesser program which you can use. BTW the filter overlay in statsprocessor is *really* nice as it makes it much easier when cracking hashes where there's password creation requirements, (aka must have at least one uppercase character). Matt
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.