Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Aug 2005 10:08:55 +0200
From: Michael Behrisch <behrisch@...ormatik.hu-berlin.de>
To: john-users@...ts.openwall.com
Subject: Re: trivial parallel processing (4 CPUs)

Am Freitag, 26. August 2005 20:39 schrieb Solar Designer:
> > Any reccomendations?
>
> 1. You need to run "single crack" on all of your accounts at once.  John
> might crack more passwords this way.
>
> 	./john -single passwd
>
> 2. It is unimportant whether or not you distribute wordlist-based
> cracking over all of your CPUs.  However, if you do, you may want to
> split the wordlist into 4 parts and not split the password file.  Rather
> than use 4 separate directories, you'd run:
>
> 	./john -se=w1 -w=words1.lst -rules passwd
> 	./john -se=w2 -w=words2.lst -rules passwd
> 	./john -se=w3 -w=words3.lst -rules passwd
> 	./john -se=w4 -w=words4.lst -rules passwd
>
> (on four different terminals - or simply background the commands and
> logout).
>
> 3. Once you're done with the wordlists, proceed with "incremental" mode
> as I had suggested in my previous response (have different instances try
> different password lengths).
>
> Of course, you can script these three steps.

There is an easier and more flexible way to parallelize step 2 and 3
at least if your OS (and your filesystem) supports named pipes (probably 
any flavor of Un*x).

You can simply create a named pipe (Linux: "mkfifo johnpipe")
and let one instance of john write the password candidates into:
Step 2:
john --stdout -w=words.lst -rules > johnpipe
Step 3:
john --stdout -inc > johnpipe

Then you can create an arbitrary number of real cracking sessions which
read the candidates from the pipe:
./john -se=w1 --stdin passwd < johnpipe
./john -se=w2 --stdin passwd < johnpipe
...

That's it. No hacks, no patches not even a change to the configuration files.

A further advantage of this approach is that you can dynamically add 
and remove sessions just by aborting / starting them and you don't 
have to care how to split the password range. Additionally if you
are using nfs the single john sessions donot even need to run 
on the same computer. They simply need the same filesystem.

One remark:
The candidate creation instance of john will use almost no computing time
so you can savely start it together with four real crackers on a 4CPU system
(I started it once with 12 "clients" and it had about 5% cpu load on a 1GHz 
machine)

Yours,
Michael

P.S: I did not invent this method, but I forgot where I read this first.
-- 
Michael Behrisch (Tel. +49 30 2093-3123)
HU Berlin, Institut fuer Informatik, Arbeitsgruppe Algorithmen
http://www.informatik.hu-berlin.de/~behrisch/

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ