Home page logo

pen-test logo Penetration Testing mailing list archives

Re: john the ripper
From: "bofn" <bofn () irq org>
Date: Thu, 04 Dec 2003 20:47:57 +0100

Hello there,

Are there recent common password lists for the english speaking terratories?
because most research results seem to be from the 80's and not optimised 

i'm working on a LDAP plugin that deals with {SSHA} and uses other patches to
do the {SHA} & {CRYPT}, all in one go with a .ldiff as input.
would be usefull to have some good word lists to test against and create some
stats on the level of security of some ISP and telco ldiffs i use.

 On Thu, 04 Dec 2003 14:10:32 +1300
"Jason Watson" <penscan () hotmail com> wrote

The real key to passwd crackers is the dictionaries they use for the
bruting. then better, bigger, more inclusive the dict, the more likely you
are to get results.

I strongly agree with Ron, however bigger is not always smarter.  You can
quite easily make custom rules for JTR that, when combined with previously
gained information, can make time fly!  But yes, definately, the dictionary
is key.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]