Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 19:45:23 -0400
From: kzug <kzug10@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Filter password candidates generated by --incremental (was: EXTRA characters.)

Thanks Frank, 
Your help is really appreciated. 
K.


On TuesdayApr 15, 2014, at 1:31 PM, Frank Dittrich wrote:

> On 04/15/2014 07:10 PM, KZug wrote:
>> Is there a way with John to remove some patterns with —incremental output? 
>> I.e. With Jeff’s AES 256 issues that we had few weeks ago, his charset was limited AND he had a long list of patterns limitation. It’s a bit between  —Incremental and —mask 
>> 
>> No passwords with 4,3 or 2 digits in a row
>> No passwords in all upper case 
>> No passwords in all under case
>> No passwords with more than 3 signs
>> Etc …
>> 
>> So, do you (or anyone) know of a way to skip those patterns? Besides greping the output to death? 
> 
> For (very) slow hashes, implementing an external filter and using
> --external=... in addition to --incremental might be appropriate.
> 
> For existing filters, see the output of
> 
> $ ./john --list=ext-filters-only
> 
> 
> Then check john.conf for these filters:
> [List.External:AtLeast1-Simple]
> [List.External:AtLeast1-Generic]
> [List.External:Policy]
> 
> They might provide guidance for defining your own --external mode.
> 
> Frank
> 

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.