Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 13:10:38 -0400
From: KZug <kzug10@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: EXTRA characters.

Magnum, 

In the same general broad spectrum subject, 

Is there a way with John to remove some patterns with —incremental output? 
I.e. With Jeff’s AES 256 issues that we had few weeks ago, his charset was limited AND he had a long list of patterns limitation. It’s a bit between  —Incremental and —mask 

No passwords with 4,3 or 2 digits in a row
No passwords in all upper case 
No passwords in all under case
No passwords with more than 3 signs
Etc …

So, do you (or anyone) know of a way to skip those patterns? Besides greping the output to death? 


Also, on a side note:
Is there any doc on —Mask?  I am poking a bit around with trailing characters, i.e, it does not like “!”
The option —config does not appear anymore  on —help, but still works.  1.8.0.2 Bleeding jumbo

Thanks 

Kris









On Apr 13, 2014, at 20:41, magnum <john.magnum@...hmail.com> wrote:

> On 2014-04-14 02:33, magnum wrote:
>> Now bump CharCount to 38 and add a line "Extra = XY" in john.conf for
>> that mode. It will now generate passwords using lower alpha, digits and
>> those two upper-case characters. Check the tail for length 4 again and
>> you'll see that the last candidate is YYYY. The first word containing
>> any of the extra characters (a single "X") is #22984 when limited to
>> length 4, but beyond 400 million if not (I aborted after a couple of
>> minutes).
>> 
>> BTW the "Extra" stuff is apparently b0rken in bleeding-jumbo. I'll have
>> a look at that.
> 
> That was a red herring, it was because I did not bump CharCount. Maybe John should warn about that, or better use the Extra even if we exceed CharCount (just like when your training data has more characters than CharCount).
> 
> magnum
> 
> 

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.