Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 8 Feb 2013 21:36:50 +0100
From: magnum <>
Subject: Re: Cracking SHA1 with some knowledge of password

You could use an external filter but it will have crappy performance for a fast raw hash like this.

Unfortunately you can't use rules with Incremental mode. I have considered trying to enable that. Should be trivial.

Jim's idea is your best bet.


On 8 Feb, 2013, at 21:01 , Lex Par <> wrote:

> Thanks! Is there a way to do this without using a word list (brute force
> it)?
> Thanks.
> On Fri, Feb 8, 2013 at 2:16 PM, magnum <> wrote:
>> On 8 Feb, 2013, at 17:40 , Lex Par <> wrote:
>>> Group, I have a SHA1 hash that I would like to brute-force. I have
>>> knowledge of several characters before and after the password (ie, if the
>>> hash is derived from "xxxpasswordyyy", I know both xxx and yyy).  I'd
>> like
>>> to somehow input the xxx and yyy values as constants, so that they are
>>> always included in the crack attempt but the "password" portion is
>>> brute-forced.
>> This can be done in several ways but using rules should be fastest. Add
>> this to your john.local.conf:
>> [List.Rules:custom]
>> A0"xxx"Az"yyy"
>> Then run wordlist mode with --rules:custom.
>> magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.