[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANWtx03y8nY2tE9bG-U6szQ16MhgcKQ3u0Bx540bLRnPWc6Evw@mail.gmail.com>
Date: Sun, 16 Oct 2011 18:09:54 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: filter performances
On Sun, Oct 16, 2011 at 5:55 PM, Brad Tilley <brad@...ystems.com> wrote:
> On 10/16/2011 05:11 PM, Jérôme Loyet wrote:
>> I have a single traditional DES password to bruteforce. I know its
>> policy: 8 characters long (or more) and it uses at least one lower
>> case, one upper case, one numerical and one "other" char.
I think traditional DES is limited to 8 char max.
> Also, what about the (or more) length passwords. Nine, ten, eleven or twelve
> char passwords? IMO, brute force is not the way to approach passwords of
> this lenght. Start with popular passwords, then move to dictionary attacks,
> word mangling, etc.
Still I agree dictionaries/wordlists get passwords faster than brute force.
But you may want to try the "Policy" external mode.
./john hashes.txt -e=Policy
-rich
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
