[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <40F34835-66A5-4DB9-B3CA-FE81BF835349@patpro.net>
Date: Thu, 18 Dec 2014 14:31:41 +0100
From: Patrick Proniewski <patpro@...pro.net>
To: john-users@...ts.openwall.com
Subject: Re: content of passwd file and --single
On 18 déc. 2014, at 14:26, magnum wrote:
>>> #define issep \
>>> "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~\177"
>>
>> Ok thanks! So basically I should be able to fill the GECOS field with many info grabbed from the LDIF file, just in case some user's passwd includes their phone number or staff ID.
>
> Yes. When attacking hashes from some DB dump that also includes eg. email addresses, full names and lots of other stuff, I use to stuff the gecos field with anything that can possibly make sense and in no particular order.
>
> If you put a lot of stuff there though, there is a limit in how many of them will be combined for creating "word pairs". Every word will be tried, but not every combination of pairs. In core Jumbo this limit is 4 and hard-coded in params.h. In bleeding-jumbo the limit is bumped to 6 and you can even change it in john.conf.
>
> This thread might explain it better:
> http://www.openwall.com/lists/john-users/2011/03/22/8
Thank you for these info!
Patrick
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
