Date: Tue, 5 Feb 2013 08:16:45 -0500 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: generating passwords candidates longer than 8 characters using incremental attack On Tue, Feb 5, 2013 at 4:40 AM, JohnyKrekan <krekan@...nykrekan.com> wrote: > Hello, after a successfull test with 8 characters password I tried to generate longer passwords by setting the incremental section in john.ini where Incremental mode will only create max 8 length passwords by default. You have to compile John with one tweak to allow for longer passwords, and then you have to generate the .CHR files for it to use with those longer settings. > Why this configuration is not working? > what should I do to derivate those longer password candidates using incremental attack? Again the .chr files are where john derives it's incremental candidates, and you have to create your own once you've modified the params.h file #define CHARSET_LENGTH 8 Change that to 10, or 12 etc...(whatever number you want up to a point) Then you can create your own charset files. http://www.openwall.com/john/doc/EXAMPLES.shtml In order to generate the chr files you need a large pot file... To generate a decent pot file for john to use when creating these charset's try (if on windows find use cygwin) cat rockyou.txt | sed 's/^/:/' > custom.pot You can use some pre-defined or custom word filters when generating the charset file to have John consider some simpler passwords only: john --pot=custom.pot --make-charset=my_alpha.chr --external=filter_alpha mypasswd.chr If your "pot file" got large enough (or if you don't have any charset files at all), you might want to use it to generate a new set of main charset files: john --pot=custom.pot --make-charset=all.chr john --pot=custom.pot --make-charset=alnum.chr --external=filter_alnum john --pot=custom.pot --make-charset=alpha.chr --external=filter_alpha john --pot=custom.pot --make-charset=digits.chr --external=filter_digits john --pot=custom.pot --make-charset=lanman.chr --external=filter_lanman Those commands are specifying the pot file to use, john will default to john.pot if you do not specify another. You can find rockyou.txt and other good wordlists all over the internet have a look here for a bunch of links: http://www.openwall.com/wordlists/ Note that the commands above will overwrite the existing all, alnum, alpha, digits, and lanman.chr files. -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.