Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 10 Sep 2015 16:39:44 +0200
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-users@...ts.openwall.com
Subject: Re: PRINCE-elem-cnt-max

On 09/10/2015 04:15 PM, Luis Rocha wrote:
>>
>> That's not characters, but words, unless your wordlist just contains a
>> list of individual characters.

You got the quoting wrong. You dropped the line (which your mail user
agent should have created) indicating that I wrote the first sentence
you quoted.

>> Yep, that's exactly the case.

And you got that one wrong as well (it looks as if it is written by the
author you replied to, but it was written by you).

>> I doubt that combining more than 8 words from a word list into a
>> password candidate really helps.
> 
> 
> I was asking so I could use it as fast alternative to the  --make-charset
> and --incremental mode which seems to not handle well the 2 and 3 bytes
> chars even with the --internal-encoding=utf  and --enconding=utf

I think that use of prince mode is a very poor substitute for
incremental mode, because incremental mode and markov mode make much
better use of character frequency information.

I would use both incremental mode and markov mode.

Incremental mode (with your own charset file) will find many new cracks.
At the beginning of running incremental mode, there shouldn't be many
problems with illegal unicode characters (because incremental mode will
still have enough information about trigraph frequency...).
But the longer you run incremental mode, the more of these problems you
will see.

Markov mode will produce fewer illegal utf-8 characters than incremental
mode. (It will have illegal characters at the end of the word from time
to time, but not too many.
(Read doc/MARKOV before using it.)

While incremental mode will try more likely candidates first, then
proceed to less likely candidates, markov mode will produce candidates
which match the min./max. Markov mode levels specified. So you might
want to start markov mode with a smaller level first, and then try
higher levels. (With each level, the run time will increase exponentially.)

Of course, when using incremental mode or markov mode, you should set
DefaultInternalEncoding = UTF-8
in the [Local:Options] section of your john-local.conf file.

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.