Date: Tue, 2 Mar 2021 22:53:40 +0100 From: Michał Majchrowicz <sectroyer@...il.com> To: john-users@...ts.openwall.com Subject: Re: Implementing mixed mask attack > FWIW, the reported speed would become lower with any kind of filtering > even if the filtering helps reduce the total running time. Yeah, I just assumed that with such big keyspace reduction it would still overcome the "overhead" ;) > It looks like you're sort of trying to do what incremental mode does on > its own - test more likely patterns first. Have you tried simply > letting the default incremental mode run for a long while, and see how > it fares against your masks? For a fair comparison, give both runs the > same set of hashes without anything in the pot file(s) yet. Try this > without splitting it across your many nodes yet, to remove the effects > of that from comparison of the modes' basic functionality. For now I tried both all and jumbo rules on a 133MB(version of) rockyou.txt. Problem with "my masks" is that I don't know which one should I use :) For now I only know remaining pws are NOT in ?l?d keyspace of 8 char descrypt. I also tried single uppercase letter. What remains is that either there are pws with more uppercase letters, special chars or possible some are even not ascii. I just noticed two patterns in pws that I found (myself or other people). On IoT devices pws have some commond "schema" like part of company name and some "random junk" or they are (what looks to be) completely random. I assume also if those devices DO have telnet (enabled by default or via some cmd) that those pws are in fact ascii. BTW thanks for the info about --fork and openmp difference, I have created separate thread about it. I will run increment on 32 core node for a night will see if it finds anything :)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.