Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 11 Nov 2016 20:15:19 +0100
From: Patrick Proniewski <patpro@...pro.net>
To: john-users@...ts.openwall.com
Subject: Re: alter default rules or filter, best way to focus on proper candidates?

On 11 nov. 2016, at 19:30, Solar Designer wrote:

>> the performance gain or loss is very hard to guess before hand, as it depends on the match between used rules and real passwords in the dump?
> 
> Yes, but I primarily meant that you can rarely be sure that the candidate
> passwords you'd be filtering out would not crack anything at all.  This
> question arises when performing security audits, rather than when doing
> hobbyist cracking of public dumps as you seem to.


I'm doing both, but the hobbyist part accounts for 99.9% of my time with JtR. While auditing passwords at work, I use what I've learned during this hobby but in a very focused way as I've already a good knowledge of what my users are doing.


>> thanks. Would it be interesting to use "i != 10" inside Filter_LowerNum
> 
> I guess you mean inside the modified Policy mode.

yes, that would be replacing "--external=Filter_LowerNum --max-length=10" with a custom Policy mode


>> instead of '--max-length=10' at command line?
> 
> Yes, you can try doing it either way, but I expect the builtin
> "--max-length=10" feature to be faster than the external mode's check.

ok, thanks.

patpro

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.