Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 13 Jun 2016 09:54:26 -0400
From: Matt Weir <>
Subject: Re: Derive stats/rules/masks from a bunch of plains

For John the Ripper, the best automatic rule generator that I'm aware of is
bartavelle's which is available at:

It doesn't do passphrases though, and it's been a number of years since
it's been updated. Side note, automatically breaking up passphrases is
a really tricky problem unless the person creating them was nice enough to
capitalize each of the words. Part of this is due to poor input
dictionaries. Heck even determining keyboard combos is not exactly
straightforward since you'd be surprised how many real words follow a
partial keyboard walk.

If you are looking for more experimental work, you can check out my pcfg
guess generator at:

It's still *very* much in development so unfortunately it doesn't support
longer cracking sessions at this moment. That being said, the training
program breaks down a lot of statistics about the training password set
that you might be able to use. It doesn't currently display them to the
screen so you'll need to dig into the rules directory yourself. If you do
use it please feel free to give me feedback and I apologize in advance for
my horrendously late replies :)


On Sun, Jun 12, 2016 at 4:26 AM, Patrick Proniewski <>

> Hi,
> On 11 juin 2016, at 17:09, Michal Špaček wrote:
> > You can also try DigiNinja's Pipal:
> Thanks, it looks interesting. I'll definitively add it to my toolbox. On
> the vocabulary side, it fails splitting pass phrases into dictionary words.
> For 10 years old dumps it's not so important, but for recent dumps it's a
> problem.
> pat

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.