Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 11 Nov 2016 08:04:56 -0600
From: jfoug <>
Subject: Re: alter default rules or filter, best way to focus on
 proper candidates?

On 11/11/2016 4:34 AM, Patrick Proniewski wrote:
> On 09 nov. 2016, at 23:36, Solar Designer wrote:
>> As you can see, the total running time may also drop, so filters may
>> nevertheless be beneficial if you're sure none of those extra candidates
>> would result in a successful guess, but you can rarely be sure.
> the performance gain or loss is very hard to guess before hand, as it depends on the match between used rules and real passwords in the dump…
Agreed.  And this is also another reason why if you have certain 
dictionaries which are run man times, and using rule sets that do almost 
identical candidate filtering, that it is often MUCH faster to do that 
candidate filtering upfront and create multiple wordlists which are 
subgroups of the 'real' wordlist.  There are certain filters where you 
may have a wordlist with 50 million words, and after the filter, only 5 
hundred thousand words end up NOT being filtered out.  I will assure 
you, that running a 500k wordlist is much faster than running a 50 
million wordlist but only processing 500k of them.  And if you had 
dozens, or 100's of rules which used that filtering, AND this 
ruleset/wordlist is something you use all the time, making a 
sub-wordlist that contains JUST the unfiltered candidates, and making 
sure that ONLY the rules with that exact requirements filter are in 
their own group, will speed up that part of the search a lot.

It is all learning HOW to better use the tool. Finding edges like this 
can be as big an improvement as the john developers supporting the 
latest/greatest iron to get higher throughput.

One other side though.  The fastest way to process a word, is to NEVER 
process the word.  Getting the 'right' rules (i.e. best you can), 
getting the best targeted wordlists, etc is also key.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.