Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 21 Sep 2019 13:19:36 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Rules for Known Password Structure

On Fri, Sep 20, 2019 at 08:54:37PM +0000, Dave Coleman wrote:
> I have the following known passwords:
> ss15-vyp1wh1k1qeh82sm20-4d44qfek1zjnvsm26-hp3iibat127n6sm27-n6fqycthh3mcd

A password like this is way too long to crack even if you target its
specific pattern.  You're out of luck cracking anything like this unless
you have additional information or there's a vulnerability in the
password generator program, which you'd then need to have someone
research and exploit for you.

> I would like to create a rule for these known passwords to find an unknown password, but don't know where to start.
> I saw a prior post with these commmands:	const std::string one 	= "Ll";
> 	const std::string two 	= "o0";
> 	const std::string three	= all;
> 	const std::string four 	= all;
> 	const std::string five	= "-_";
> 	const std::string six	= all;
> 	const std::string seven	= all;
> 	const std::string eight	= "nN";However, I'm not sure where to edit/insert/create this text, or if this even proper syntax.
> Can someone point me in the right direction?

What you found isn't a syntax you should use.  Please disregard that
"prior post" you found, it would merely continue to confuse you.

If you had a chance of cracking that password (which you almost
certainly don't), then you'd use "mask mode" for this, and the syntax
would be something like:

> My thoughts for this rule:-18 characters total-lowercase s for the first character-lowercase s or m for the second character-numeric characters for characters 4 and 5-a '-' for character 5-lowercase letters and numbers for the remaining characters

./john -2='?d?l' --mask='s[sm]?d?d-?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2-?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2-?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2-?2?2?2?2?2?2?2?2?2?2?2?2?2' hash.txt

You do not need to edit john.conf, nor any other file.

But your chances of actually cracking a password with this are
practically non-existent, so there's no point even trying.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.