Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CANWtx02Ce1fP-rQgdrezVe11R5Q3CVedPoQRYuaUYc4ykZ5igQ@mail.gmail.com>
Date: Mon, 12 Nov 2012 14:54:16 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: How does incremental mode works?

On Mon, Nov 12, 2012 at 2:20 PM, Richard Miles
<richard.k.miles@...glemail.com> wrote:
> Hi all
>
> I see that default incremental option is not a sequential brute force. Can
> someone please give me details about how it works and how password
> candidates are generated and selected?
Read the MODES documentation: http://www.openwall.com/john/doc/MODES.shtml
Basically JtR is trying more likely candidates based on a certain
dataset using Tri-graph frequencies (or some such:). You can "train"
your chr files to suit the hashes you're cracking and possibly get
even better results... If your auditing a company and a product or
brand name appears in peoples passwords, creating a custom chr file
may be a good idea, as those letters/characters are showing up for
frequently and might get hashes to fall faster in that instance. If
you then used that same custom chr file against another list from a
different source, your results will probably very poor. Incremental
mode is limited to 8 character places, but can be made longer.
http://www.openwall.com/john/doc/EXAMPLES.shtml (custom chr)
More Info http://www.openwall.com/lists/john-users/2009/02/20/3

> Also, I see that OCL hashcat has a similar feature which also give us good
> results. Is there any kind of comparison between the two modes used? Which
> one is more effective? Or downside and upsides for jTr and OCL hashcat?
Maybe this Reddit article addresses some of that, I dunno.

   With JtR's incremental mode, every character is determined by
{length, position, previous two characters}.
The above is from
http://www.reddit.com/r/crypto/comments/yuqyi/john_the_ripper_vs_oclhashcatlite#id-t2_4r8q1

-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.