Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 19:31:04 +0200
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-users@...ts.openwall.com
Subject: Filter password candidates generated by --incremental (was: EXTRA
 characters.)

On 04/15/2014 07:10 PM, KZug wrote:
> Is there a way with John to remove some patterns with —incremental output? 
> I.e. With Jeff’s AES 256 issues that we had few weeks ago, his charset was limited AND he had a long list of patterns limitation. It’s a bit between  —Incremental and —mask 
> 
> No passwords with 4,3 or 2 digits in a row
> No passwords in all upper case 
> No passwords in all under case
> No passwords with more than 3 signs
> Etc …
> 
> So, do you (or anyone) know of a way to skip those patterns? Besides greping the output to death? 

For (very) slow hashes, implementing an external filter and using
--external=... in addition to --incremental might be appropriate.

For existing filters, see the output of

$ ./john --list=ext-filters-only


Then check john.conf for these filters:
[List.External:AtLeast1-Simple]
[List.External:AtLeast1-Generic]
[List.External:Policy]

They might provide guidance for defining your own --external mode.

Frank

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.