Date: Tue, 14 Jun 2016 06:14:46 +0200 From: Patrick Proniewski <patpro@...pro.net> To: passwords@...ts.openwall.com Subject: Re: Derive stats/rules/masks from a bunch of plains On 13 juin 2016, at 15:54, Matt Weir wrote: > For John the Ripper, the best automatic rule generator that I'm aware of is bartavelle's which is available at: > > https://github.com/bartavelle/rulesfinder > > It doesn't do passphrases though, and it's been a number of years since it's been updated. Side note, automatically breaking up passphrases is a really tricky problem unless the person creating them was nice enough to capitalize each of the words. Part of this is due to poor input dictionaries. Heck even determining keyboard combos is not exactly straightforward since you'd be surprised how many real words follow a partial keyboard walk. well, when the password is like "ceci n'est pas une pipe", you might expect proper word detection :) (pipal fails). But I do agree it's a tough problem. May be the ultimate solution is to use a google api. Searching for "cecin'estpas1pipe" will properly detect "ceci n'est pas 1 pipe" and will also retrieve "ceci n'est pas une pipe", with context. Unfortunately google api will fail if the passphrase is less famous, like mypasswordIsnohaiku (no result). > If you are looking for more experimental work, you can check out my pcfg guess generator at: > > https://github.com/lakiw/pcfg_cracker > > It's still *very* much in development so unfortunately it doesn't support longer cracking sessions at this moment. That being said, the training program breaks down a lot of statistics about the training password set that you might be able to use. It doesn't currently display them to the screen so you'll need to dig into the rules directory yourself. If you do use it please feel free to give me feedback and I apologize in advance for my horrendously late replies :) thanks a lot for these 2 tools, I've downloaded them and will try them ASAP. pat
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.