Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 25 Jan 2021 15:52:13 +0100
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: source of information for John's charset files

Hi Johny,

On Mon, Jan 25, 2021 at 03:11:57PM +0100, Johny Krekan wrote:
> Every .chr file which is used in John was generated from some .pot file 
> which contained lots of words/passwords.

Right.  All of the .chr files supplied with JtR were generated from the
same source - a fake .pot file containing the RockYou list, including
duplicates.  I think the RockYou list is no longer redistributed that
way (with the duplicates intact), but if desired this can be recreated
from the "with counts" version of the list found on the SkullSecurity
wiki.  The .chr files were made different through use of different word
filters, which are included as external modes in john.conf.

The included "makechr" script can be used to regenerate the .chr files
using whatever filters john.conf defines (with names matching that
script's embedded regexp) and whatever happens to be in john.pot.  Since
a few new filters were added since, I expect this will generate more
.chr files now.  Some of those might not make sense for actual use -
especially the recently added Filter_NoRepeats and Filter_Repeats were
not intended for generating .chr files.  Their resulting .chr files
won't strictly result in (no) repeated characters despite of the names,
but would probably have biases that do reflect the names, which might or
might not be useful.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.