Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <50C6EDDD.1040108@banquise.net>
Date: Tue, 11 Dec 2012 09:25:01 +0100
From: Simon Marechal <simon@...quise.net>
To: john-users@...ts.openwall.com
Subject: Re: Hashcat BF++ vs JtR Incremental and Markov Modes:
 (was How does incremental mode works?)

On 11/12/2012 06:43, Matt Weir wrote:
> All my observations about Hashcat's Bruteforce++ mode are based on using
> Hashcat's statsprocessor (version 0.08). According to the documentation, it
> uses the same algorithm as Hashcat's other cracking programs but I could be
> wrong. Speaking about documentation, there isn't a whole lot about what BF++
> actually does under the hood. I also don't have access to the source-code
> nor have I reversed it. So please take everything I say with a grain of
> salt. On a related note, Hashcat's wiki states:

Actually it is not the same algorithm, as BF++ bruteforces the first 2
characters (which explains your observations). This means that
statsprocessor should perform better than BF++ with regards to the
passwords cracked / passwords tested ratio.

I have made a similar comparison, but with an old version of statsprocessor:

http://www.openwall.com/presentations/Passwords12-Probabilistic-Models/slide-30.html

(You might want to check the slides, as it benchmarks something that was
inspired by your thesis!)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.