Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 28 Apr 2017 14:48:12 -0700
From: B B <>
Subject: Re: How to stop consideration of repeated characters

Thank you,
This is very helpful information.
> <john-users-subscribe at> Apr 28, 2017, at 1:44 PM, Solar Designer <> wrote:
> Hello Bill,
> On Fri, Apr 28, 2017 at 01:30:40PM -0700, B B wrote:
>> I am new to JtR and am trying to recover a lost password for which I have both a probable beginning and end. I also have a limited character set for the middle of the password.
>> I have been using Crunch to generate word lists but these lists have repeated characters such as [known}aaab[known]. I know for a fact there are NO repeated characters in my lost password but can not find any mention of a rule? to reject them. 
> This is tricky and most likely unreasonable to do.  What hash or file
> type are you attacking?  How fast does the attack go?  It is unlikely
> that reducing the keyspace by such a small margin is going to
> significantly improve your chances of cracking that password within the
> timeframe you're willing to allocate.

I am attacking a FileVault sparsebundle img hash retrieved with dmg2john (AES256) so realize I must seriously cut down on the possibilities. I have 10 years of data locked away from the simple mistake of creating a 2nd admin account on my laptop to edit my main account. When I checked a Filevault checkbox I did not realize it would RE-encrypt everything to the new admin account and even nullify the original FileVault key.  I promptly deleted the account and forgot the password after doing what I needed to do. Sort of stupid, but more like a sloppy mistake.
I am using 1.80 Jumbo.

>> Another question, to get around the use of Crunch, is can I quote a fixed/known character string at the beginning and the end in a rule?
>> Such as ???pass???A-z???word????
> You don't need Crunch.  With recent JtR -jumbo, you can achieve the same
> with its mask mode, e.g.:
> john -9='?l?u' --mask='pass?9?9?9?9word' passwd-file-here
> or e.g.:
> john -9='?l?u' --mask='pass?9?9[aeiou]?9word' passwd-file-here
> to restrict one of the characters to a smaller set.  You can also use
> character ranges, etc.

> To likely significantly improve your chances, you can use e.g.:

> john --inc=alpha --min-len=12 --max-len=12 --mask='pass?wword' passwd-file-here

./john --inc=LowerNum --min-len=12 --max-len=12 --mask=‘pass?wword’

This seems to work fine. Hmm, about 3 weeks with my configuration with 5 unknowns, guess I’ll fire up another box!!!
I may have to do several of these at different lengths, maybe up to 6 characters which I'm not sure is possible. I am prepared to spend electricity on this problem. ;)

> so that the 4 character (in this example) portion in the middle is
> filled with character sequences sorted for decreasing estimated
> probability based on character frequencies in other passwords.
Is this something I create (other passwords) or what is built into the config file already that you are referring to? ( I believe I’ve read I can create such a file).

>  Things
> like this can make far greater difference than omitting a small fraction
> of the keyspace would.

 I know for a fact I did not use z, x or q. Now I could go with —inc LowerNUM which shouldn’t be to bad in iterations of 4 and 5 unknown characters. Are you saying, to be clear that the difference between LowerNUM and a custom character set is not efficient? I note that LowerNum is about 36 vs 27 I am fairly certain about. 

Thank you

> Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.