Date: Fri, 16 Nov 2012 15:12:17 -0600
From: Richard Miles <richard.k.miles@...glemail.com>
To: john-users@...ts.openwall.com
Subject: Re: How does incremental mode works?

Hi Rich

Thanks for your answer, much appreciated.

I was reading it and other documentation but it's very complex. For a
non-math person or for someone that is not that technical, how could you
describe the difference between incremental and markov mode? My
understanding is that both use statistics and try better candidates not in
sequential mode. However I don't understand how they are different.

Thanks and sorry for the dumb question.


On Tue, Nov 13, 2012 at 8:54 AM, Rich Rumble <richrumble@...il.com> wrote:

> On Tue, Nov 13, 2012 at 8:44 AM, Richard Miles
> <richard.k.miles@...glemail.com> wrote:
> > These links helped me a lot. It's very interesting, suppose that I have a
> > custom list of words already with some manipulation for a custom target, is
> > there anything that I may do to use it with jTr that will give me better
> > results in comparison with default incremental mode? Examples are welcome.
> Not sure, I'm just an ordinary guy who audits using JtR. You can
> easily make your own CHR file, just put the words into a file called
> john.pot or use the --pot=filename.here along with the
> --make-charset=custom.chr
> http://www.openwall.com/lists/john-users/2006/01/19/8
>
> > I was reading this thread and I found this link (
> > https://twitter.com/hashcat/status/239636316499869696/photo/1/large), do
> > you know where is jTr in comparison in this chart?
> Hashcat and JtR are a bit different still, GPU vs CPU for most hashes,
> each has its strengths.
>
> > Also, I found this nice project (http://thepasswordproject.com/passpal), is
> > there a way to "integrate" passpal to create more robust rules based on my
> > targeted wordlist already manipulated to generate more strong candidates
> > for jTr in incremental mode or similar?
> I don't know, I do know that tool and others were used in the CMIYC
> contest (more below), and it's been mentioned here recently:
> http://www.openwall.com/lists/john-users/2012/07/17/3
>
> > My main concern is not to run two different instances of jTr to test basically
> > the same thing, so I would like to try to avoid as much as possible repeating
> > candidate passwords, however, since the output wordlist may be huge the
> > cost to do sort and uniq may be too unacceptable.
> Incremental mode does not repeat, or it tries very hard not to, other
> modes however are more prone to repeating and unique isn't going to
> keep that from happening. Certain wordlist rules will produce the same
> candidates even if the words are all unique. This isn't that big a
> deal, when doing an audit I know I produce the same candidates, but I
> also produce enough different ones that it's worth it. If you run JtR
> simultaneously on two different computers, and there are repeats I
> find it's not wasting as much time.
>
> > This guy called atomu looks very brilliant, but he also looks very
> > arrogant. Anyway, I am impressed by what he claimed and the results. One thing
> > that called my attention is that it appears to be agreed between this guy and
> > solar d. that their mask filters are more efficient in comparison with
> > current jTr incremental mode. Is it correct? Is there a workaround or
> > something similar to achieve similar results with jTr?
> I'm sure he is both of those things, you probably have to be, but
> "type" doesn't always convey the proper "tone" unless you go out of
> your way, especially when you're responding quickly, off the cuff if
> you will. JtR and oHC (among others) duke it out every year at a defcon
> contest called crackmeifyoucan: http://contest-2012.korelogic.com/
> http://contest-2011.korelogic.com/
> http://contest-2010.korelogic.com/teams.html
> I personally don't feel that one tool is head and shoulders above
> another, it's your experience and cunning using them the best way
> possible. Again I can't crack rot-13, nor program it, (tr a-z n-a:)
> but the folks working on these projects are brilliant and they are
> much better at these things than I. Maybe they will respond soon as
> well.
>
> -rich
>
