Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAF9uAtq26wWgt2z9VShen_NEfRFDDWJ69_2MG1Zs4YcAukL+tA@mail.gmail.com>
Date: Tue, 28 May 2013 11:58:07 -0400
From: Rafael Veras <rafaveguim@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Help with uppercase rule

Wow, that's really tricky!

Thanks a lot, it makes sense now.


On Tue, May 28, 2013 at 11:31 AM, Matt Weir <cweir@...edu> wrote:

> I know you only had questions about a couple parts of the rule, but to help
> everyone else out I'm just going to break down the entire the rule part by
> part, (explanations separated by a ':')
>
> -c : Reject rule if the hashtype is case insensitive, (for example LanMAN.
> No sense having an uppercase rule if everything is going to be
> automatically uppercased anyway)
> >2 : Only try words greater than two characters long
> !?X :Reject the rule if it contains a non-alpha numeric character. Aka
> not [a-zA-Z0-9].
> This is a tricky rule as ! is for reject, and ?x is for alpha numeric
> character, so capitalizing the 'X', aka ?X matches everything not alpha
> numeric.
> u: converts the word to uppercase
> Q: query memory to see if the rule has changed the word. Reject it if
> nothing has changed. Aka no sense making a guess if the word is '123456',
> or 'ABCD' since you will have already tried them with the ':' default rule
> M: Memorize the newly mangled word. This is where things get really
> complicated. Long story short, we want to reject all guesses that would be
> created by a simple capitalize rule since that would create duplicate
> guesses when we called the capitalize rule. So the rest of the checks are
> to remove those duplicates. Aka reject the word 'a12345' when it is
> uppercased to 'A12345'.
> c: capitalize the mangled guess. So 'PASSWORD' is changed to 'Password'.
> Note, it will only change if any letter but the first letter is
> capitalized.
> Q: Reject the guess unless it has changed. Aka only accept it if there were
> letters to capitalize that were not the first character
> u: Finally uppercase the word to reverse the capitalization we did earlier
> to detect duplicate guesses
>
> Matt
>
>
> On Tue, May 28, 2013 at 10:57 AM, Rafael Veras <rafaveguim@...il.com>
> wrote:
>
> > After reading the documentation, I'm still left with some questions about
> > the following rule:
> >
> > # Uppercase pure alphanumeric words
> > -c >2 !?X u Q M c Q u
> >
> > 1. What does !?X mean?
> >
> > 2. Why c (capitalize) is called after uppercase (u)? I thought capitalize
> > wouldn't have any effect after uppercase.
> >
> > 3. Why is uppercase called once again in the end?
> >
> > I guess I am missing something about the Q and M commands that occur in
> > between.
> >
> > Thanks,
> >
> >
> > --
> >
> > *Rafael Veras*
> >
> >
> >
>



-- 

*Rafael Veras*

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.