Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANWtx02VhMp7rjV3B2ks23jaUJtHdSJEbnpZXkZFu4yCcGxGHQ@mail.gmail.com>
Date: Mon, 17 Dec 2012 21:13:23 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: new user help with list vs. incremental modes

On Mon, Dec 17, 2012 at 1:54 PM, Raleigh Rinehart
<rrinehart@...-estech.com> wrote:
> My question is this:  how do I best configure JtR to run for a known
> password pattern?  For example, if I know ahead of time the password is
> going to be of the form 3-6 alpha-numerical characters followed by 3-8
> digits?  I've gone through the documents, mailing lists and other resources
> but am still confused on the best approach attack to this.
Incremental isn't as likely to be effective (quickly) unless you tuned
the chr files (custom chr file) to try passwords of this pattern or
type. There should be quicker ways of doing it, like the rules you've
tried are one way (but they will be prepended to all words in your
wordlist).
You can also try the external modes like Knownforce. ./john
passwords.txt -external=knownforce
The default knownforce external module is 4 alpha (all lower?) and 4
digits, I think it can be easily tweaked to your use case. (I've
included what I believe would do the job at the bottom)
> When I run that with:
>     ./john --format=raw-sha512-cuda --device=1 --session:foo
> --wordlist=digits_list.txt -rules:Foo crackme.txt
>  JtR just seems to do nothing.  I let it run for a couple of hours but it
> never seemed to do anything.
> Running the status command returns this:
>     ./john --status=foo
>     fopen: foo.rec: No such file or directory
It's a GPU on a MAC so I'm not sure how well tested that is
> I am guessing it is because the digits_list.txt is too big (~950meg) or the
> way I've tried setting up the mangling is too inefficient.
This could also be it...

In the KnownForce external this should do a 1-3 alpha numeric (upper
and lower + digits) and 1-7 digits after (because the length is 10 in
this example, increase to 11 to have 1-8 digits). This will be a
"dumb" search, aaa1, aaa2, aaa3 etc... and will take a lot of time
potentially. I'm not sure it would be faster this way than using the
rules you created on a one line wordlist file, and I've not tested the
code below, I think it's right.
<snip>


	length = 10;	// Password length to try

/* This defines the character sets for different character positions */
	pos = 0;
	while (pos < 3) {
		ofs = pos++ << 8;
		i = 0;
		c = '0';
		while (c <= '9')
			charset[ofs + i++] = c++;
		c = 'A';
		while (c <= 'Z')
			charset[ofs + i++] = c++;
		c = 'a';
		while (c <= 'z')
			charset[ofs + i++] = c++;
		charset[ofs + i] = 0;
	}
	while (pos < length) {
		ofs = pos++ << 8;
		i = 0;
		c = '0';
		while (c <= '9')
			charset[ofs + i++] = c++;
		charset[ofs + i] = 0;
	}

	last = length - 1;
	pos = -1;
	while (++pos <= last)
		word[pos] = charset[id[pos] = pos << 8];
	lastid = (lastofs = last << 8) - 1;
	word[pos] = 0;
}

void generate()

</snip>
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.