Posts

Analyzing JtR's Tokenizer Attack (Round 1)

Image
Introduction / Goals / Scope: This is a follow-up to my previous blog post looking at how to install/run the new John the Ripper Tokenizer attack [ Link ]. The focus of this post will be on performing a first pass analysis about how the Tokenizer attack actually performs. Before I dive into the tests, I want to take a moment to describe the goals of this testing. My independent research schedule is largely driven by what brings me joy. Because of that I'm trying to get better at scoping efforts to something I can finish in a couple of days. It's easy to be interested in something for a couple of days! Therefore, my current plan is to run a couple of tests to get a high level view of how the Tokenizer attack performs and then see where things go.  To that end, this particular blog post will focus on three main "tests" to answer a couple of targeted questions. Test 1: Analyze how sensitive Tokenizer is to the size of the training data Question: How sensitive is the Toke

Running JtR's Tokenizer Attack

Image
Disclaimer 1: This blog post is on a new and still under development toolset in John the Ripper. Results depict the state of the toolset as-is and may not reflect changes made as the toolset evolves. Disclaimer 2: I really need to run some actual tests and password cracking sessions using this attack, but I'm splitting that analysis up into a separate blog post. Basically I have enough forgotten drafts sitting in my blogger account that I didn't want to add another one by trying to "finish" this post before hitting publish. So stay tuned for new posts if you want to see how effective this attack really is. Introduction: It's been about 15 years since I last wrote about John the Ripper's Markov based Incremental mode attacks [ Link ] [ Link 2 ]. 15 years is a long time! A lot of work has been done applying Markov based attacks to password cracking sessions, ranging from the OMEN approach to Neural Network based password crackers. That's why I was so excite

Extracting Secrets from Packet Captures (A CMIYC2024 Story)

Image
  " Interest is the most important thing in life; happiness is temporary, but interest is continuous. " - Georgia O'Keeffe Introduction: The focus of this blog entry will be on tools and scripts to analyze packet captures. This  is the result of falling down a rabbit hole when writing the previous tutorial on the CMIYC 2024 WIFI cracking challenge: [ Link ]. In that writeup I realized I hadn't been keeping up on the state of automated tooling to help extract secrets and interesting data from packet captures. So I asked for tips and suggestions on what I could use. And you all responded! This is another reason why these blog posts are really beneficial to me. I learn so much writing them, so thank you! As a disclaimer, while I will be using the CMIYC2024 dataset to explore using some of these tools, these tools are not really suited for password cracking competitions. For short competitions, you are better off performing manual analysis of the data. As a spoiler, none