Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 6 Jun 2012 07:43:32 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: wordlist progress report bug

I have not looked at the code, but could this be due to looking at the
'first' word of the file?

If I remember, the % if computed by how many rules have been completed, but
then adjusted based upon just how forward we are in the word file we are.
How would it behave, if it thought we were are line 0 (before the first line
was processed?)   What would a single entry, and LOTS of rules, with a very
slow format do?

Here was a run with 1 pw, 1 ssh hash, and a large set of rules:

C:\phpbb\johnripper\john-1.7.9\jumbo-unstable\run>john -w=x.txt ssh.in
-conf=/c/phpbb/john.ini -rules=Wordlist_pre_post_big_list
Loaded 1 password hash (SSH [32/32])
guesses: 0  time: 0:00:00:01 729173.90% (Wed Jun  6 07:35:13 2012)  c/s:
12289  trying: abcdson123
guesses: 0  time: 0:00:00:02 729214.56% (Wed Jun  6 07:35:15 2012)  c/s:
12572  trying: hestabcd
guesses: 0  time: 0:00:00:03 DONE (Wed Jun  6 07:35:15 2012)  c/s: 12549
trying: abcd!!!

Here is a rar run (again, only 1 word, many rules).

C:\phpbb\johnripper\john-1.7.9\jumbo-unstable\run>john -w=x.txt rar.in
-conf=/c/phpbb/john.ini -rules=Wordlist_pre_post_big_list
Loaded 2 password hashes with 2 different salts (RAR3 [32/32])
guesses: 0  time: 0:00:00:02 538543.26% (Wed Jun  6 07:40:23 2012)  c/s:
27.07  trying: abcdper
guesses: 0  time: 0:00:00:05 538543.38% (Wed Jun  6 07:40:26 2012)  c/s:
28.62  trying: daabcd
guesses: 0  time: 0:00:00:07 538543.46% (Wed Jun  6 07:40:28 2012)  c/s:
28.95  trying: abcd666
guesses: 0  time: 0:00:00:21 538543.96% (Wed Jun  6 07:40:42 2012)  c/s:
28.77  trying: micabcd

Here is a rar run with 2 words.
C:\phpbb\johnripper\john-1.7.9\jumbo-unstable\run>john -w=x.txt rar.in
-conf=/c/phpbb/john.ini -rules=Wordlist_pre_post_big_list
Loaded 2 password hashes with 2 different salts (RAR3 [32/32])
guesses: 0  time: 0:00:00:02 250501.30% (Wed Jun  6 07:42:04 2012)  c/s:
26.31  trying: tabcd
guesses: 0  time: 0:00:00:04 0.07% (ETA: Wed Jun  6 09:17:16 2012)  c/s:
27.14  trying: abcd2per
guesses: 0  time: 0:00:00:06 250501.37% (Wed Jun  6 07:42:09 2012)  c/s:
27.84  trying: abcdkey
guesses: 0  time: 0:00:00:07 250501.39% (Wed Jun  6 07:42:10 2012)  c/s:
28.10  trying: abcdass
guesses: 0  time: 0:00:00:09 0.17% (ETA: Wed Jun  6 09:10:17 2012)  c/s:
28.18  trying: miabcd2
guesses: 0  time: 0:00:00:10 250501.45% (Wed Jun  6 07:42:13 2012)  c/s:
28.29  trying: daabcd

I would say, it appears that this has been a long standing bug, where the
wordfile is either 'before' the start, or 'after' the end.

Jim.

>-----Original Message-----
>From: magnum [mailto:john.magnum@...hmail.com]
>Sent: Wednesday, June 06, 2012 5:49 AM
>To: john-dev@...ts.openwall.com
>Subject: Re: [john-dev] wordlist progress report bug
>
>On 06/06/2012 12:33 PM, Solar Designer wrote:
>> On Wed, Jun 06, 2012 at 11:18:41AM +0200, magnum wrote:
>>> On 06/05/2012 03:57 PM, Solar Designer wrote:
>>>> When running magnum-jumbo with a tiny wordlist (just 3 words) and
>>>> lots of rules against a RAR file (slow), I am sometimes getting the
>>>> progress reported as 400% to 500%, then back to normal (under 100%),
>then again.
>>>
>>> I'll see if I can reproduce that. I suppose this was a non-MPI build?
>>> The code paths divert a little.
>>
>> Yes, non-MPI, but OMP (8 threads).
>
>I could not reproduce what you saw but this might be a variant of it:
>
>magnum@...ge:~/john$ ./john test/sample.hashes -form:bf -wo:testlist --
>rules=all Loaded 1 password hash (OpenBSD Blowfish [32/64 X2])
>guesses: 0  time: 0:00:00:03 0.02%  c/s: 517  trying: Word399999 -
>word1123456
>guesses: 0  time: 0:00:00:06 0.05% (ETA: 2012-06-06 16:03:10)  c/s: 597
>  trying: word3650 - word1651
>guesses: 0  time: 0:00:00:08  c/s: 621  trying: Word1120 - Word2120
>guesses: 0  time: 0:00:00:11 0.07% (ETA: 2012-06-06 17:05:04)  c/s: 642
>  trying: Word3824 - Word1825
>
>At 0:08 it doesn't emit any progress figures. This doesn't seem to
>happen with MPI.
>
>magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ