Penetration Testing mailing list archives
Re: policy-based password cracker
From: thomas springer <tuevsec () gmx net>
Date: Fri, 02 Dec 2005 12:12:29 +0100
John the Ripper might have all you want, if you have a closer look at the rules in john.conf and use bruteforce-mode only. Be warned - fiddling around with johns ruleset might lead to anything from sleepless nights to insanity.
cheers, tom
Obviously, min and max is not the issue, but I can not seem to find anything that will only test passwords that meet complexity requirements (lowercase alpha, uppercase alpha, number). Something that generates this into a rainbow table would be even better.....
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- policy-based password cracker Chris Costantino (Dec 01)
- Re: policy-based password cracker Rembrandt (Dec 01)
- Re: policy-based password cracker thomas springer (Dec 02)
- Re: policy-based password cracker Thierry Zoller (Dec 02)
- Re: policy-based password cracker David Cravshaw (Dec 03)
- RE: policy-based password cracker Password Crackers, Inc. (Dec 03)
- <Possible follow-ups>
- RE: policy-based password cracker Miguel Dilaj (Dec 03)
- RE: policy-based password cracker Shenk, Jerry A (Dec 04)