Message-ID: <CAJ9ii1EzUEMpgkzCNCjRvS+z45MQ+gHgeZ1ouvKnEt+pQDCKOA@mail.gmail.com>
Date: Mon, 25 Sep 2017 16:45:23 -0400
From: Matt Weir <cweir@...edu>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Experiences Using Prince Mode

Hey All,
    I don't know if I'll ever get around to finishing it but I'm
thinking of writing a guide to using --prince mode attack. The base
code is available at https://github.com/hashcat/princeprocessor, and
is included by default in JtR bleeding-jumbo release.

For those who are not familiar with it, in a nutshell Prince takes all
the words in an input dictionary and combines them multiple times. If
you are curious about more of the details I have a very outdated blog
post on it at http://reusablesec.blogspot.com/2014/12/tool-deep-dive-prince.html

What I'd like to know is other people's experiences using Prince. If
you've used it and are willing to share I'd appreciate it if you could
respond to this thread. I'm sure other people would be interested to
hear what you have to say as well!

To kick things off I've found it's extremely helpful when using Prince
to include a short bruteforce in my wordlist. For example, all values
1 to 3 letters/digits/special characters long. Now, you certainly
could limit that to only likely characters, but I usually find myself
using Prince on fast hashes so I'm not too focused on optimizing it.

The impact of doing that seems to be dramatic vs only using an input
dictionary containing cracked passwords. For example, '1' might not be
a valid password, but if '1cow1pig' is the password you are trying to
crack then without that '1' you likely won't create that combo.

Also, I tend to use Prince as a bridge before I do incremental/mask
attacks. Aka it's usually not the first attack I run, but I've had
good success just letting it go if I don't want to put too much thought
into a cracking session and PCFG/dictionary attacks are slowing down.

Side note, I've heard many people mention the "prinception" attack
where you create an input dictionary using prince then feed that into
another instance of prince. I have to admit this puzzles me a bit as
it seems like you could get the same results by increasing the number
of combos. I'm probably missing something so feel free to comment on
that.

Thanks!
Matt
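
An added example, not part of the original message and not princeprocessor or JtR code: a small password-audit check that reports the fewest wordlist elements needed to build a given password by concatenation, which shows why '1cow1pig' is only reachable once short strings such as '1' are in the input dictionary. The function names, the `max_elems` limit and the sample words are assumptions made for this illustration.

```python
from itertools import product
import string


def short_bruteforce(alphabet, max_len):
    """All strings of length 1..max_len over alphabet (the short bruteforce elements)."""
    return {"".join(t)
            for n in range(1, max_len + 1)
            for t in product(alphabet, repeat=n)}


def min_elements(candidate, elements, max_elems=8):
    """Fewest elements whose concatenation equals candidate.

    Returns None when the candidate cannot be built from the elements
    within max_elems pieces (max_elems is a parameter of this example).
    """
    elements = {e for e in elements if e}          # ignore empty strings
    lengths = sorted({len(e) for e in elements})
    inf = float("inf")
    # best[i] = fewest elements that spell candidate[:i]
    best = [0] + [inf] * len(candidate)
    for end in range(1, len(candidate) + 1):
        for n in lengths:
            if n > end:
                break
            start = end - n
            if best[start] < inf and candidate[start:end] in elements:
                best[end] = min(best[end], best[start] + 1)
    result = best[-1]
    return result if result <= max_elems else None


# Constructed sample data for the audit.
WORDS = {"cow", "pig", "password", "monkey"}
SHORT = short_bruteforce(string.digits, 3)         # 10 + 100 + 1000 strings

if __name__ == "__main__":
    for label, wordlist in (("words only", WORDS),
                            ("words + short bruteforce", WORDS | SHORT)):
        for pw in ("cowpig", "1cow1pig", "pig123monkey"):
            print(f"{label:26} {pw:14} -> {min_elements(pw, wordlist)}")
```
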
