[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <50AA76FA.7090701@banquise.net>
Date: Mon, 19 Nov 2012 19:14:18 +0100
From: Simon Marechal <simon@...quise.net>
To: john-users@...ts.openwall.com
Subject: Re: How does incremental mode works?
On 11/19/2012 04:59 PM, Richard Miles wrote:
>> > In most cases, you don't know how the passwords you want to crack will
>> > look like.
>> > In this case, the rockyou list probably is a safe bet.
>> > Please note that it might not be if password policy enforces passwords
>> > which are way more complicated than the average rockyou password.
>> >
> And what do you recommend as a dictionary to generate a stats file for
> companies using password policy enforcement?
This will usually not work too well. This is not a silver bullet ...
You need a different model in order to account for this kind of
passwords. Mangling rules are probably more effective here ...
These days I do not have a good source of "real corporate passwords", I
only work on the public leaks, so I really can't answer this ...
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
