Discussion:
[john-users] Incremental mode over 13 characters?
Eric Watson
2018-05-20 23:03:24 UTC
Permalink
I read that Incremental Mode will use the full printable ASCII character
set and try all possible password lengths from 0 to 13 from the 95
characters.

Can JtR use incremental mode with a password which has at most a total
of 22 characters which include special characters if the available
characters are known? A word of up to 22 characters from a list of 16
characters.

Eg. A password such as !AbCdEfGhIj*1234, expanded using the same
characters to a total of 22, the characters of which are known but the
order is not.

Thank you

Eric
Solar Designer
2018-05-21 09:10:09 UTC
Permalink
Post by Eric Watson
I read that Incremental Mode will use the full printable ASCII character
set and try all possible password lengths from 0 to 13 from the 95
characters.
The maximum length is runtime configurable (up to a compile-time limit
currently at 24). It's "MaxLen = 13" in this section in john.conf:

# Incremental modes
[Incremental:ASCII]
File = $JOHN/ascii.chr
MinLen = 0
MaxLen = 13
CharCount = 95

You can edit it. Or you can use a different section. As you can see,
some other pre-defined incremental modes have MaxLen set differently:

[Incremental:Digits]
File = $JOHN/digits.chr
MinLen = 1
MaxLen = 20
CharCount = 10
Post by Eric Watson
Can JtR use incremental mode with a password which has at most a total
of 22 characters which include special characters if the available
characters are known? A word of up to 22 characters from a list of 16
characters.
Eg. A password such as !AbCdEfGhIj*1234, expanded using the same
characters to a total of 22, the characters of which are known but the
order is not.
Technically yes, you can set "MaxLen = 22" and generate a custom .chr
file corresponding to your character set. But you're not going to get
that password cracked, at least in this way and without focusing the
attack much more. 16^22 is a lot more than you'd ever search.

Alexander

Loading...