Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 17 Nov 2005 09:57:24 +1100
From: "David Luyer" <david@...er.net>
To: <john-users@...ts.openwall.com>
Subject: RE: Speed up John

Considering long runs of john (where you're running for weeks to years
over the one set of passwords), john can be run with a large wordlist in a 
reasonable amount of time (weeks at most).  No need to parallelize.  The
same with running incremental:digits or using an external to do other
sets like 9 or 10 digits.

The one thing which is slow is incremental:all.

The way incremental:all works is in passes, as you can see in the .rec 
files.  In about a month running on about 100 crypts you'd probably do
around the first 2000 passes on a fast system.

A way to distribute the load sensibly would seem to be to have a server
keep track of the passes as they are done and communicate the hashes
as they are cracked;

	server data set:
		[crypt string, plaintext string, source client id, crypt id]
		[client id, last sent crypt id]
		[sequence number, client id, start time, end time]

	client starts, requests sequence number, works on that pass of
      incremental:all; server stores sequence number, client id, start
      time

	client cracks crack password, sends it to server, server sends it
	to all online clients to add to their john.pot and updates the
      data set to know it has been sent (any offline clients get it as
      they connect)

      client ends pass and sends notice to server, server storess end
      time and allocates first non-started pass to client

If a client fails the server should be able to have an entry deleted
so that a new client will be allocated the same sequence number.

Comments?  Would this be seen as a reasonable distribution of workload
and not a particularly bad cracking sequence?

David.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.