Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 3 Mar 2021 12:52:29 +0100
From: MichaƂ Majchrowicz <>
Subject: Re: Implementing mixed mask attack

> So there are two approaches here:
> 1. Manually identify portions of keyspace to test next, keep track of
> what you've already tested, exclude that from further runs.  Rinse and
> repeat.  Tricky, can be a lot of effort, easy to get wrong or suboptimal
> (miss a portion of keyspace, or have something tested multiple times),
> generally also not optimal order of candidate passwords tested (thus,
> lower successful guess rate).  This sounds pretty bad, but the advantage
> is that you can then know and describe which portions you've completed -
> and not in terms of implementation specifics, but in simple terms (list
> the specific patterns).

This is level of detail that I like as I would like to know what works
and what doesn't.

> 2. Let JtR's incremental mode take care of all of this.
That's one of the reasons I am playing with descrypt (second is that
it's pretty popular on IoT) I know maximum length is 8 and testing
"anything" up to 7 chars can be done in reasonable time. So if those
pws are ascii (as I explained I assume they are due to telnet and by
comparing to others) it's only a matter of approach. For now I am only
gathering data and try to come up with some conclusions. Also possible
making any assumptions about what those IoT hashes are is pointless
but one of my goals is to check different approaches and learn what
works and what doesn't. Especially in situations where pure ?a mask
attack is not an option :)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.