Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Aug 2005 10:22:02 -0600
From: Stephen Cartwright <034710@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: trivial parallel processing (4 CPUs)

That is great info! Thank you very much Solar and Michael for those posts!

If you think of anything else don't hesitate to post it... this is very helpful.

Stephen

On 8/29/05, Michael Behrisch <behrisch@...ormatik.hu-berlin.de> wrote:
> Am Freitag, 26. August 2005 20:39 schrieb Solar Designer:
> > > Any reccomendations?
> >
> > 1. You need to run "single crack" on all of your accounts at once.  John
> > might crack more passwords this way.
> >
> >       ./john -single passwd
> >
> > 2. It is unimportant whether or not you distribute wordlist-based
> > cracking over all of your CPUs.  However, if you do, you may want to
> > split the wordlist into 4 parts and not split the password file.  Rather
> > than use 4 separate directories, you'd run:
> >
> >       ./john -se=w1 -w=words1.lst -rules passwd
> >       ./john -se=w2 -w=words2.lst -rules passwd
> >       ./john -se=w3 -w=words3.lst -rules passwd
> >       ./john -se=w4 -w=words4.lst -rules passwd
> >
> > (on four different terminals - or simply background the commands and
> > logout).
> >
> > 3. Once you're done with the wordlists, proceed with "incremental" mode
> > as I had suggested in my previous response (have different instances try
> > different password lengths).
> >
> > Of course, you can script these three steps.
> 
> There is an easier and more flexible way to parallelize step 2 and 3
> at least if your OS (and your filesystem) supports named pipes (probably
> any flavor of Un*x).
> 
> You can simply create a named pipe (Linux: "mkfifo johnpipe")
> and let one instance of john write the password candidates into:
> Step 2:
> john --stdout -w=words.lst -rules > johnpipe
> Step 3:
> john --stdout -inc > johnpipe
> 
> Then you can create an arbitrary number of real cracking sessions which
> read the candidates from the pipe:
> ./john -se=w1 --stdin passwd < johnpipe
> ./john -se=w2 --stdin passwd < johnpipe
> ...
> 
> That's it. No hacks, no patches not even a change to the configuration files.
> 
> A further advantage of this approach is that you can dynamically add
> and remove sessions just by aborting / starting them and you don't
> have to care how to split the password range. Additionally if you
> are using nfs the single john sessions donot even need to run
> on the same computer. They simply need the same filesystem.
> 
> One remark:
> The candidate creation instance of john will use almost no computing time
> so you can savely start it together with four real crackers on a 4CPU system
> (I started it once with 12 "clients" and it had about 5% cpu load on a 1GHz
> machine)
> 
> Yours,
> Michael
> 
> P.S: I did not invent this method, but I forgot where I read this first.
> --
> Michael Behrisch (Tel. +49 30 2093-3123)
> HU Berlin, Institut fuer Informatik, Arbeitsgruppe Algorithmen
> http://www.informatik.hu-berlin.de/~behrisch/
> 
> 
>

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ