Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: john the ripper

From: "bofn" <bofn () irq org>
Date: Thu, 04 Dec 2003 20:47:57 +0100
Hello there,

Are there recent common password lists for the english speaking terratories?
because most research results seem to be from the 80's and not optimised 

i'm working on a LDAP plugin that deals with {SSHA} and uses other patches to
do the {SHA} & {CRYPT}, all in one go with a .ldiff as input.
would be usefull to have some good word lists to test against and create some
stats on the level of security of some ISP and telco ldiffs i use.



---------------------------------------------------------------
 On Thu, 04 Dec 2003 14:10:32 +1300
"Jason Watson" <penscan () hotmail com> wrote

Hi,


The real key to passwd crackers is the dictionaries they use for the
bruting. then better, bigger, more inclusive the dict, the more likely you
are to get results.


I strongly agree with Ron, however bigger is not always smarter.  You can
quite easily make custom rules for JTR that, when combined with previously
gained information, can make time fly!  But yes, definately, the dictionary
is key.


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: