Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 5 Feb 2013 14:48:53 +0100
From: "JohnyKrekan" <krekan@...nykrekan.com>
To: <john-users@...ts.openwall.com>
Subject: Re: generating passwords candidates longer than 8 characters using incremental attack

Hello, thanx for suggestions so I can experiment.
Since I am Delphi/FPC based: what compiler I need to compile John under 
Windows: Visual CPP or GCC?
Jan Krekan
----- Original Message ----- 
From: "Rich Rumble" <richrumble@...il.com>
To: <john-users@...ts.openwall.com>
Sent: Tuesday, February 05, 2013 2:16 PM
Subject: Re: [john-users] generating passwords candidates longer than 8 
characters using incremental attack


> On Tue, Feb 5, 2013 at 4:40 AM, JohnyKrekan <krekan@...nykrekan.com> 
> wrote:
>> Hello, after a successfull test with 8 characters password I tried to 
>> generate longer passwords by setting the incremental section in john.ini 
>> where
> Incremental mode will only create max 8 length passwords by default.
> You have to compile John with one tweak to allow for longer passwords,
> and then you have to generate the .CHR files for it to use with those
> longer settings.
>> Why this configuration is not working?
>> what should I do to derivate those longer password candidates using 
>> incremental attack?
> Again the .chr files are where john derives it's incremental
> candidates, and you have to create your own once you've modified the
> params.h file
>
> #define CHARSET_LENGTH 8
>
> Change that to 10, or 12 etc...(whatever number you want up to a point)
> Then you can create your own charset files.
> http://www.openwall.com/john/doc/EXAMPLES.shtml
> In order to generate the chr files you need a large pot file...
> To generate a decent pot file for john to use when creating these
> charset's try (if on windows find use cygwin)
>
> cat rockyou.txt | sed 's/^/:/' > custom.pot
>
> You can use some pre-defined or custom word filters when generating
> the charset file to have John consider some simpler passwords only:
> john --pot=custom.pot --make-charset=my_alpha.chr
> --external=filter_alpha mypasswd.chr
>
> If your "pot file" got large enough (or if you don't have any charset
> files at all), you might want to use it to generate a new set of main
> charset files:
>
> john --pot=custom.pot --make-charset=all.chr
> john --pot=custom.pot --make-charset=alnum.chr --external=filter_alnum
> john --pot=custom.pot --make-charset=alpha.chr --external=filter_alpha
> john --pot=custom.pot --make-charset=digits.chr --external=filter_digits
> john --pot=custom.pot --make-charset=lanman.chr --external=filter_lanman
>
> Those commands are specifying the pot file to use, john will default
> to john.pot if you do not specify another. You can find rockyou.txt
> and other good wordlists all over the internet have a look here for a
> bunch of links: http://www.openwall.com/wordlists/ Note that the
> commands above will overwrite the existing all, alnum, alpha, digits,
> and lanman.chr files.
> -rich 

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.