Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANnLRdiJdQgFKdeFzqAWWVfj4JWO99XuoyCaECSck5qL5p69Eg@mail.gmail.com>
Date: Thu, 20 Dec 2012 11:43:23 -0700
From: Stephen John Smoogen <smooge@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Charset filters and options

On 20 December 2012 09:03, Rich Rumble <richrumble@...il.com> wrote:
> I've searched all over, but can't exactly find the answer. If I want
> to make rockyou.txt into my own chr file (I'm increasing from 8 to 12
> length), and I use
> --external=filter_alnum, it yields the following:
>
> Successfully written charset file: alnum_12.chr (36 characters)
>
> Should I modify the external filter to also include Uppercase letters?
> It seems on the surface that only lower will be tried since it's a-z
> 0-9 (36).
> I've made this modification but so far I can't tell (1hour) if it's
> had an effect...
> if ((c < 'a' || c > 'z') && (c < '0' || c > '9') && (c < 'A' || c > 'Z')) {
> Naturally I've increased the CharCount to 62 after creating the chr file.
> I assume incremental mode takes CASE into account, all.chr seems to
> use uppercase characters, but the modified (the line above) doesn't
> seem to even though the charcount went from 36 to 62 after recreating.

It will only affect things to the probability that A-Z were used in
the rockyou which isn't a lot.. so you are going to have wait until
the first 35 characters are run or so before you start seeing a lot of
caps being checked . I have tried the following to various effects:

1) Build a filter and run rockyou.txt through it and then grep for
output which matches what I want. [EG if every password starts with a
capital.. grep '^[A-Z].*$' and then use that output to create a
trained file. This increases the chance of caps showing up in the
first letter before others.. but it is not going to stop showing up
test candidates like abcdefdg.

2) Run a long filter chain.. john --session=A --stdout --inc:alnum |
python filter.py | john --session=B --stdin --format=blah pwd.foo


> It's been discussed previously, but would it be possible to
> "artifically" pad the pot file with at least one uppercase character
> in each line so that incremental would be more likely to include an
> uppercase in each try? Or should I use my all lower alpha_num to
> stdout and use a mangling rule (NT) to make that happen. I'm sure I
> could use all.chr and specify the external filter, but that seems like
> it'd be slower than incremental "trained" to use at least 1 upper and
> 1 special or what have you.
> -rich



-- 
Stephen J Smoogen.
"Don't derail a useful feature for the 99% because you're not in it."
Linus Torvalds
"Years ago my mother used to say to me,... Elwood, you must be oh
so smart or oh so pleasant. Well, for years I was smart. I
recommend pleasant. You may quote me."  —James Stewart as Elwood P. Dowd

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.