|
Message-ID: <CAJ9ii1EzUEMpgkzCNCjRvS+z45MQ+gHgeZ1ouvKnEt+pQDCKOA@mail.gmail.com> Date: Mon, 25 Sep 2017 16:45:23 -0400 From: Matt Weir <cweir@...edu> To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com> Subject: Experiences Using Prince Mode Hey All, I don't know if I'll ever get around to finishing it but I'm thinking of writing a guide to using --prince mode attack.The base code is available at https://github.com/hashcat/princeprocessor, and is included by default in JtR bleeding-jumbo release. For those who are not familiar with it, in a nutshell Prince takes all the words in an input dictionary and combines them multiple times. If you are curious about more of the details I have a very outdated blog post on it at http://reusablesec.blogspot.com/2014/12/tool-deep-dive-prince.html What I'd like to know is other people's experiences using Prince. If you've used it and are willing to share I'd appreciate it if you could respond to this thread. I'm sure other people would be interested to hear what you have to say as well! To kick things off I've found it's extremely helpful when using Prince to include a short bruteforce in my wordlist. For example, all values 1 to 3 letters/digits/special characters long. Now, you certainly could limit that to only likely characters, but I usually find myself using Prince on fast hashes so I'm not too focused on optimizing it. The impact of doing that seems to be dramatic vs only using an input dictionary containing cracked passwords. For example, '1' might not be a valid password, but if '1cow1pig', is the password you are trying to crack then without that '1' you likely won't create that combo. Also, I tend to use Prince as a bridge before I do incremental/mask attacks. Aka it's usually not the first attack I run, but I've had good success just letting it go if I don't want to put to much thought into a cracking session and PCFG/dictionary attacks are slowing down. Side note, I've heard many people mention the "prinception" attack where you create an input dictionary using prince then feed that into another instance of prince. I have to admit this puzzles me a bit as it seems like you could get the same results by increasing the number of combos. I'm probably missing something so feel free to comment on that. Thanks! Matt
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.