jetlib.sec » Bugtraq » Re: pwgen: non-uniform distribution of passwords

Feeds

132963 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• January 20, 2012
• 

  Re: pwgen: non-uniform distribution of passwords

  Posted: January 20th, 2012, 8:40am PST

  Tags:   

  Posted by Solar Designer on Jan 20

  John the Ripper, indeed - generating a custom .chr file (which is based
  on trigraph frequencies) from a sample of 1 million of pwgen'ed
  passwords and then using this file to crack another (non-overlapping)
  sample of pwgen'ed passwords. My initial notification to oss-security
  and Bugtraq included these links, which describe this in more detail:
  
  http://www.openwall.com/lists/john-users/2010/11/17/7...