Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 19:31:04 +0200
From: Frank Dittrich <>
Subject: Filter password candidates generated by --incremental (was: EXTRA

On 04/15/2014 07:10 PM, KZug wrote:
> Is there a way with John to remove some patterns with —incremental output? 
> I.e. With Jeff’s AES 256 issues that we had few weeks ago, his charset was limited AND he had a long list of patterns limitation. It’s a bit between  —Incremental and —mask 
> No passwords with 4,3 or 2 digits in a row
> No passwords in all upper case 
> No passwords in all under case
> No passwords with more than 3 signs
> Etc …
> So, do you (or anyone) know of a way to skip those patterns? Besides greping the output to death? 

For (very) slow hashes, implementing an external filter and using
--external=... in addition to --incremental might be appropriate.

For existing filters, see the output of

$ ./john --list=ext-filters-only

Then check john.conf for these filters:

They might provide guidance for defining your own --external mode.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.