Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 11 Jun 2016 13:15:18 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: Derive stats/rules/masks from a bunch of plains

On 2016-06-10 19:18, Patrick Proniewski wrote:
> I've got a bunch of plains. About 1500 of them are 8 char long, mostly random and issued at account creation and not changed since. The 12000 other plains are user picked after account creation, ranging from 9 to 49 char long.
>
> What would be the best tool(s) to derive interesting stuffs from these plains like rules/masks/statistics…? Anything that would help me optimize cracking sessions (these are not supposed to be plains, I plan to make a password audit by cracking their hash counterparts, and I've got about 24000 more hashed password from same source).

We have a quick'n'dirty "unrule.pl" in Jumbo's run directory, based on a 
oneliner by epixoip IIRC. It tries to un-l33t words, chop other 
characters and produce a unique list of base words. Run that on your 
plains and then use the output as a wordlist with some gigantic ruleset 
like --rules=all (or, for slower hash types, some smaller ruleset with 
more finesse).

This is a very rough tool though, there are more advanced ones around. I 
think a recent thread on Hashcat forums mentioned a few tools.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.