Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAOtMX2gsvne7dXHr2sRvFeM76OyCMAsSLvkhm=r5oSHmh+qSiA@mail.gmail.com>
Date: Mon, 5 Apr 2021 20:49:12 -0600
From: alan somers <asomers@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Help crafting a specific ruleset

On Mon, Apr 5, 2021 at 3:22 PM Solar Designer <solar@...nwall.com> wrote:

> Hi Alan,
>
> On Mon, Apr 05, 2021 at 01:55:21PM -0600, alan somers wrote:
> > I need to recover one of my own passwords that I've forgotten.  But I
> > haven't *completely* forgotten it, only *slightly* forgotten.  So I think
> > John can recover it quickly if I can just figure out how to craft a
> > suitably specific ruleset.  Could somebody please help me?
> >
> > * I remember the beginning (let's call it "abc")
> > * I have a pretty good idea of the length.  It's probably between X and Y
> > characters long
> > * The remaining characters are drawn from a small set (let's call it
> > [qwerty$%^])
> > * No character is repeated
> > * I even have a good guess at the order of the characters, though
> obviously
> > not perfect.  Ideally John would be able to start from my guess and
> iterate
> > from there.
> >
> > How would I express this to John?
>
> The primary way to do it would be to use mask mode, like this:
>
> ./john -2='qwerty$%^' -mask='abc?2' -min-len=X -max-len=Y hash.txt
>
> or:
>
> ./john -mask='abc[qwerty$%^]' -min-len=X -max-len=Y hash.txt
>
> or:
>
> ./john -mask='abc[qwe][qwerty][rty][$%^]' hash.txt
> ./john -mask='abc[qwe][qwerty][rty][rty][$%^]' hash.txt
> ./john -mask='abc[qwe][qwerty][rty][rty][rty][$%^]' hash.txt
>
> If your hash type is slow, you can add "--external=Filter_NoRepeats" to
> any of these commands.  With a fast hash, this isn't worth the overhead.
>
> Another way would be to put your one guess or a few guesses at the
> password into a wordlist file and apply word mangling rules to that:
>
> echo 'abcqwerty$%^' > word.txt
> ./john -w=word.txt --rules=oi hash.txt
>
> Here, "oi" is a pre-defined ruleset that performs some overstrikes and
> inserts.
>
> A weird trick you could also try is to train JtR's incremental mode on
> your guess(es):
>
> echo ':abcqwerty$%^' >> fake.pot
> # ... and more of these here; also note the leading colon
> ./john --make-charset=custom.chr --pot=fake.pot
> ./john --incremental=custom hash.txt
>
> Alexander
>

Thank you!  The first method probably would've worked, but the ETA was
several days.  Adding --external=Filter_NoRepeats didn't work.  It fails
with "Unknown external mode: Filter_NoRepeats".  However, the final
technique worked: training incremental mode on my guesses.  It worked
fairly quickly because the guesses were close.
-Alan

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.