|
Message-ID: <1333035874.8843.69.camel@localhost> Date: Thu, 29 Mar 2012 10:44:34 -0500 From: jmk <jmk@...fus.net> To: john-users@...ts.openwall.com Subject: Re: Simple John Rules Example On Thu, 2012-03-29 at 15:30 +0400, Solar Designer wrote: > On Wed, Mar 28, 2012 at 04:01:07PM -0500, jmk wrote: > > I just started playing with John rules and I'm thoroughly confused. I'm > > attempting to simply try different combinations of vowel removal. For > > example, if my dictionary contains "bonkers", I'd like to test bonkers, > > bnkers, bonkrs, and bnkrs. I can purge all vowels with "@?v", but that > > isn't what I'm looking for. I can remove the first vowel with "/?v Dp > > Q", but that isn't right either. > > You can use something like this: > > %4?v Dp %3?v D[p*] %2?v D[p*] /?v D[p*] > %3?v Dp %2?v D[p*] /?v D[p*] > %2?v Dp /?v D[p*] > /?v Dp > > This example works for words with up to 4 vowels (you can easily expand > it to work for up to 5, etc.) Unfortunately, it is somewhat inefficient: > many of the rules produced after preprocessor expansion will happen to > reject many of the input words. The rules are currently such that each > rule can produce at most one candidate password from one input word, so > in order to have multiple candidate passwords per input word we have to > use multiple rules (or have them generated with the preprocessor like > in the example above - those square brackets do it). Thanks for the example rules! If you don't mind, I have a few questions to help me understand them better: - Am I correct to assume the "*" in "[p*]" works as a toggle, causing the rule to produce candidate passwords with both the character at that position and it removed? - I'm assuming the rules are processed left to right, correct? With the rule "%2?v Dp /?v D[p*]" and the input word of "boat", the whole word is processed by the first part of the rule. After that, the second part of the rule is looking at just "at". - If I wanted to add "y" in as a vowel, it appears it is not as simple as just replacing "?v" with "[aeiouy]". Is that correct? - Does the order of rules matter? I see you went from 4 vowel words down to 1. Would the reverse order be any different? - I'm playing with expanding these rules to capitalize the first letter and append digits/symbols. If I have 7 different append rules (1-4 digits, 1-3 digits + 1 symbol), I'm looking at 28 total rules (4 vowel x 7 append), right? For example: ... %3?v [c] Dp %2?v D[p*] /?v D[p*] Azq[0-9][0-9][!$@...^&()_+\-={}|[\]\ \;'":,/<>?`~*]q <+ %3?v [c] Dp %2?v D[p*] /?v D[p*] Azq[0-9][0-9][0-9][!$@...^&()_ +\-={}|[\]\\;'":,/<>?`~*]q <+ ... %2?v [c] Dp /?v D[p*] Azq[0-9]q <+ %2?v [c] Dp /?v D[p*] Azq[0-9][0-9]q <+ ... Thanks for your time. Joe
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.