|
Message-ID: <4DA4ECA0.7080308@bredband.net> Date: Wed, 13 Apr 2011 02:21:52 +0200 From: magnum <rawsmooth@...dband.net> To: john-dev@...ts.openwall.com Subject: Re: [GSoC] Johnny - GUI frontend for JtR On 2011-04-13 00:04, Aleksey Cherepanov wrote: >> interesting/crazy usages of JtR you might have are very welcomed. > > I think case correction (lm-ntlm pair cracking) is interesting: Good idea. Other similar "operations": * Invoke (or rather re-implement) the netntlm.pl script for attacking NetLM hashes (NetHalfLM -> NetLM -> NetNTLM). * Use the current john.pot as a wordlist, with or without rules. * Use -show from one (or several) file(s) as wordlist for another (or several), w/ or w/o rules. Maybe even automation of the procedure outlined here: http://openwall.info/wiki/john/markov#Real-world-usage-example From the user perspective, this would ideally just involve picking the target file, stating how long you want the attack to run and on how many cores. The GUI could benchmark, pick a level, split it in chunks and launch the processes. Have anyone suggested job queueing? You could pause the running job (moving it down the queue) for a quick other job. When that finishes, the job that was paused is restored automatically. This gets even better (and trickier) on a multi core machine. Combining multi core job queueing with the other procedures (on a multicore machine): * Start a job attacking LM hashes using, say, 6 cores of 8 (running one omp-des-7 instance of John). Cracked uppercase passwords automatically (and on the fly) result in new jobs queued (and started, if a core is free for use) for case correction against the corresponding NT hashes. * The NetHalfLM -> NetLM -> NetNTLM scenario could use a similar approach. * You could also schedule incrementing levels of Markov (assuming we have Simon's later version that can take a minlevel) as that mode does not (otherwise) find the easy passwords early. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.