Reusable Security

  “I have not failed. I've just found 10,000 ways that won't work” -  Thomas Edison Introduction: This is a continuation of a deep dive into John the Ripper's new Tokenizer attack. Instruction on how to configure and run the original version of Tokenizer can be found [ Here ]. As a warning, those instructions need to be updated as a new version of Tokenizer has been released that makes it easier to configure. The first part of my analysis can be found [ Here ]. This is going to be a bit of a weird blog entry as this is a post about failure . Spoiler alert: If you are reading this post to learn how to crack passwords, just go ahead and skip it. My tests failed , my tools failed , and my understanding of my tools failed . A disappointing number of passwords were cracked in the creation of this write-up. I'll admit, I was very tempted to shelve this blog post. But I strongly believe that documenting failures is important. Often when reading blog posts you don't really...