Date: Tue, 15 Apr 2014 19:31:04 +0200 From: Frank Dittrich <frank.dittrich@...lbox.org> To: john-users@...ts.openwall.com Subject: Filter password candidates generated by --incremental (was: EXTRA characters.) On 04/15/2014 07:10 PM, KZug wrote: > Is there a way with John to remove some patterns with —incremental output? > I.e. With Jeff’s AES 256 issues that we had few weeks ago, his charset was limited AND he had a long list of patterns limitation. It’s a bit between —Incremental and —mask > > No passwords with 4,3 or 2 digits in a row > No passwords in all upper case > No passwords in all under case > No passwords with more than 3 signs > Etc … > > So, do you (or anyone) know of a way to skip those patterns? Besides greping the output to death? For (very) slow hashes, implementing an external filter and using --external=... in addition to --incremental might be appropriate. For existing filters, see the output of $ ./john --list=ext-filters-only Then check john.conf for these filters: [List.External:AtLeast1-Simple] [List.External:AtLeast1-Generic] [List.External:Policy] They might provide guidance for defining your own --external mode. Frank
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.