Posts

OMEN Improvements

Image
“If I had an hour to solve a problem, I would spend 55 minutes thinking about the problem and five minutes finding the solution.” -  Proverb falsely attributed to Albert Einstein Introduction: I'm a big fan of graphing password cracking sessions. It's a good way to figure out what's working and what isn't by highlighting trends that get lost in the final "cracking success" number. The very first thing I look for in these graphs is saw-tooth steps. This is an easy way to spot potential improvements. If you suddenly see a quick run of cracks in your password cracking success rate, which is what these saw-tooth steps represent, that implies you can optimize your cracking session by moving that attack earlier in your workflow. Now you need to temper that with the realization that no two password sets are exactly the same, you don't want to overtrain your cracking sessions on one particular dataset, and often these improvements come about because you learn some...

Analyzing Tokenizer Part 2: Omen + Tokenizer

Image
  “I have not failed. I've just found 10,000 ways that won't work” -  Thomas Edison Introduction: This is a continuation of a deep dive into John the Ripper's new Tokenizer attack. Instruction on how to configure and run the original version of Tokenizer can be found [ Here ]. As a warning, those instructions need to be updated as a new version of Tokenizer has been released that makes it easier to configure. The first part of my analysis can be found [ Here ]. This is going to be a bit of a weird blog entry as this is a post about failure . Spoiler alert: If you are reading this post to learn how to crack passwords, just go ahead and skip it. My tests failed , my tools failed , and my understanding of my tools failed . A disappointing number of passwords were cracked in the creation of this write-up. I'll admit, I was very tempted to shelve this blog post. But I strongly believe that documenting failures is important. Often when reading blog posts you don't really...

Analyzing JtR's Tokenizer Attack (Round 1)

Image
Introduction / Goals / Scope: This is a follow-up to my previous blog post looking at how to install/run the new John the Ripper Tokenizer attack [ Link ]. The focus of this post will be on performing a first pass analysis about how the Tokenizer attack actually performs. Before I dive into the tests, I want to take a moment to describe the goals of this testing. My independent research schedule is largely driven by what brings me joy. Because of that I'm trying to get better at scoping efforts to something I can finish in a couple of days. It's easy to be interested in something for a couple of days! Therefore, my current plan is to run a couple of tests to get a high level view of how the Tokenizer attack performs and then see where things go.  To that end, this particular blog post will focus on three main "tests" to answer a couple of targeted questions. Test 1: Analyze how sensitive Tokenizer is to the size of the training data Question: How sensitive is the Toke...