Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 22 Sep 2019 11:23:38 +0000
From: "TIMMERMAN, Jens" <>
To: "" <>
Subject: Re: Rules for Known Password Structure

Hi Dave,

On 9/20/19 10:54 PM, Dave Coleman wrote:
> All, 
> I have the following known passwords:
> ss15-vyp1wh1k1qeh82sm20-4d44qfek1zjnvsm26-hp3iibat127n6sm27-n6fqycthh3mcd

did you mean 4 distinct example passwords? The list somehow made this
into 1 long string, which is indeed very hard to bruteforce, but as
distinct passwords this comes closer to the realm of doable (your first
password seems to have 19 chars instead of 18?)


In this case you could try

./john -2='?d?l' --mask='s[sm]?d?d-?2?2?2?2?2?2?2?2?2?2?2?2?2 hash.txt

This will probably still take way to long to crack since you still have 2*10*10*36**13 combinations, but more passwords might give you more structure to encompass in the rule. e.g. in the first 3 char 14 is always a '1'?

The masking is just an encoding of your discovered rule, very straightforward on the command line.

See a recent john's manual for MASK: 

Jens Timmerman

> I would like to create a rule for these known passwords to find an unknown password, but don't know where to start.  
> I saw a prior post with these commmands:	const std::string one 	= "Ll";
> 	const std::string two 	= "o0";
> 	const std::string three	= all;
> 	const std::string four 	= all;
> 	const std::string five	= "-_";
> 	const std::string six	= all;
> 	const std::string seven	= all;
> 	const std::string eight	= "nN";However, I'm not sure where to edit/insert/create this text, or if this even proper syntax.
> Can someone point me in the right direction?
> My thoughts for this rule:-18 characters total-lowercase s for the first character-lowercase s or m for the second character-numeric characters for characters 4 and 5-a '-' for character 5-lowercase letters and numbers for the remaining characters
> Using the above as template with my rules, I hope it would go something like this:
> const std::string one     = "s";const std::string two     = "sm";const std::string three   = "?d";const std::string four    = "?d";const std::string five    = "-";
> const std::string six     = "?d?l";
> const std::string seven   = "?d?l";
> const std::string eight   = "?d?l";
> const std::string nine    = "?d?l";
> const std::string ten     = "?d?l";
> const std::string eleven  = "?d?l";
> const std::string twelve  = "?d?l";
> const std::string thirteen= "?d?l";
> const std::string forteen = "?d?l";
> const std::string fifteen = "?d?l";
> const std::string sixteen = "?d?l";
> const std::string seventeen= "?d?l";
> const std::string eighteen= "?d?l";
> I've never coded/programmed and need some pointers on this front.  The documentation in the john.conf is helpful, but I don't know the next steps.  I don't know where to put this (or...if this is even right).  
> If anyone is able to lend a hand, I'd greatly appreciate it.
> Thanks so much for your time and cooperation,
> Dave

Content of type "text/html" skipped

Download attachment "0xAD760CC853549596.asc" of type "application/pgp-keys" (12955 bytes)

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.