Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAY105-F3008F6578AC57319AF4A8EFD0C0@phx.gbl>
Date: Wed, 04 Jul 2007 00:23:30 +0200
From: "Frank Dittrich" <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Re: Incremental mode limited to 8 character words?

Tom Earp wrote:
>i've seen that post about the 16 digit generation....but it doesn't really 
>help. modifying the source for that application reduces the character set 
>from the full set of printable characters to just numbers, so increasing 
>the output length keeps it within the "64 bit limit" as described in the 
>source
>
>from the source.......... (params.h)
>
>/*
>* Charset parameters.
>* Be careful if you change these, ((SIZE ** LENGTH) * SCALE) should fit
>* into 64 bits.  You can reduce the SCALE if required.
>*/
>#define CHARSET_MIN			' '
>#define CHARSET_MAX			0x7E
>#define CHARSET_SIZE			(CHARSET_MAX - CHARSET_MIN + 1)
>#define CHARSET_LENGTH			8
>#define CHARSET_SCALE			0x100
>

CHARSET_MIN is space (0x20 = 32)
CHARSET_MAX is the '~' character (0x7E = 126).
(at least for ASCII)

So you have (126 – 32 + 1) = 95 different characters.
For max. password length 8, you have (95**8),
ca. 6.634e+15 combinations.
CHARSET_SCALE is 0x100 = 256.

I didn't study the source, but since CHARSET_MAX is < 128,
you might get away with CHARSET_SCALE=128, or 0x80.
(If possible, I would not set  CHARSET_SCALE to a value which is
not a power of 2, since I'd expect a performance impact otherwise.)
64bit means 2**64, which is about 1.845e+19.
If you divide this value by (95**8),  you get 2780.555...
If you divide that by 256, you'll get a value less than 11,
meaning the 9th position of your password candidate cannot use
all 95 different values required, and an overflow will occur.
Even if you use 0x80 as CHARSET_SCALE, you only have 21 characters
left for the 9th position.
So your only choice is reducing the charset size.
May be you don't have all the 95 characters from ' ' to '~' in your
john.pot file.
Set CHARSET_MIN to the min. char, e.g. ' ', and CHARSET_MAX to the
max. character, e.g. '~'.
Set  CHARSET_SCALE to 0x80.
If you have not more than 80 different characters,
you should be able to set CHARSET_LENGTH to 9.
(80 ** 9) * 128 is about 1.172e+19, which is smaller than (2**64).
For length 10, you can only use 51 different characters, and so on.
When creating a new .chr file, john mentions the number of different
characters used.

>if i change charset_length to 16 and change nothing else, it compiles, but 
>then when i try to create a new .chr file i get the error "pow64of32() 
>overflow"
>i have tried adjusting the charset_scale value to something lower, but it 
>had no effect and i still got the overflow error

Yes, for length 16, you can probably use just 11 different
characters.
I don't now if you can reduce CHARSET_SCALE even more,
a specially crafted john.pot file and an external mode.

>if i implement an external mode in jtr, will it generate the words in a 
>simple brute-force way, or will it still do the business of creating better 
>combinations like it does with the incremental mode?

It depends on the definition of your external mode, but that would be
extremely hard to to.

Why are you sure you need an incremental mode with password
length > 8?
If password length 9 is OK, you could combine the incremental mode
(MinLength = MaxLength = 8) and an external mode which always
appends the same character.
(You could run one session which appends '1' to the passwords
generated using incremental mode, another session which appends 2, ...
Just check the frequency of last characters in your john.pot file for
suitable candidates.

>----- Original Message ----- From: "Frank Dittrich"

Please don't top-post, and don't full-quote.
(I know using hotmail doesn't produce reasonable mails either,
but I try to avoid most of the usual problems caused by
inappropriate MUAs, see
http://learn.to/quote
OK, a mailing list is not usenet, but I think that similar “rules” apply.

Frank

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.