Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 27 Mar 2016 19:00:02 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: External Policy Filter

On Sat, Mar 26, 2016 at 2:00 PM, jfoug <jfoug@...nwall.net> wrote:
> Why not some rules:
>
> [List.Rules:PolicyFilter]
> # handle all permutations with all 5 ?l?u?d?s?b
>>7/?l/?u/?d :
>>7/?l/?u/?s :
>>7/?l/?u/?b :
>>7/?l/?d/?s :
>>7/?l/?d/?b :
>>7/?l/?s/?b :
> # handle all permutations with 4 ?u?d?s?b
>>7/?u/?d/?s :
>>7/?u/?d/?b :
>>7/?u/?s/?b :
> # handle  ?d?s?b
>>7/?d/?s/?b :
> # I 'think' that is it, but I am doing this off the cuff, so I may have
> missed some.
That would work much better! I didn't think to use "mask" in conf like that!
> Then simply run:
> ./john -w=rocku.txt -rules=PolicyFilter -stdout | unique
> rockyou-policy-filter.dic
>
> $ wc rockyou.txt
>  14344391  14442062 139921497 rockyou.txt
>
> $ ../john -w=rockyou.txt -rules=PolicyFilter -stdout | ../unique
> rockyou-policy.dic
> Press 'q' or Ctrl-C to abort, almost any other key for status
> 747744p 0:00:00:11 100.00% (2016-03-26 12:53) 63909p/s 957£}~w0¬z?>4ko
> Total lines read 747744 Unique lines written 645347
>
> So it completed in under 15s and built a file that was 22x smaller than
> rockyou.txt
> but contains only data that would likely pass the policy rules (note I say
> likely because
> it will depend upon code pages, etc, and the ?b does not map directly to
> unicode).
>
> This would not be a great method for a fast hash, but then if whoever wrote
> the login code
> was dumb enough to use a fast hash, then they certainly would not have been
> smart enough
> to use a policy like this, lol.
Nice work, thanks again!
-rich
>
> On 3/25/2016 8:02 PM, Rich Rumble wrote:
>>
>> I've been on many threads and re-read everything I can, but I can't
>> figure out how to change [List.External:Policy] to be closer to how
>> Microsoft has implemented their default complexity policy for
>> passwords.
>> https://technet.microsoft.com/en-us/library/cc786468%28v=ws.10%29.aspx
>> I'm only interested in making that policy do more dynamic matching...
>> meaning instead of filtering on static character classes (?u?l?d,
>> ?u?l?s, ?u?s?d etc...) have do more if not at least 3 of these
>> combinations of classes, then reject.
>> So allow: ( >7 )
>> Asdf12#$  (?u?l?d?s)
>> Asdf1234   (?u?d?l)
>> ABCD3fgh (?u?d?l)
>> asdf@$$1  (?l?s?d)
>> A@...5%% (u?l?d?s)
>>
>> Maybe a perl or regex script is better suited for the task, especially
>> since I can't seem to get the length to go beyond 8 in my version of
>> jtr.
>> ./john.exe -w=rockyou.txt -external=policy -stdout
>> The regex's I've come across haven't been working to my satisfaction.
>> -rich
>
>
> --
> Community volunteer for John the Ripper project.
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.