Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 8 Apr 2006 05:09:06 +0400
From: Solar Designer <>
Subject: partially forgotten password

On Fri, Apr 07, 2006 at 09:05:48AM -0300, Pedro Luis Duccini Nunes wrote:
> I?m starting to use John and I need to crack a forgoten password. I remember
> the 2 initial characters is "Cs", the final digit is "5" and the lenght is
> 8. 
> I configure the min and max lenght to 8 and I?m using incremental mode, but
> still running for 24hours.

You can use these settings in john.conf:

File = $JOHN/all.chr
MinLen = 5
MaxLen = 5
CharCount = 95

void filter()
	word[8] = 0;
	word[7] = '5';
	word[6] = word[4];
	word[5] = word[3];
	word[4] = word[2];
	word[3] = word[1];
	word[2] = word[0];
	word[1] = 's';
	word[0] = 'C';

To see that these work as desired, run:

	john -i=all5 -e=cs-5 -stdout | head

On my system, the output is:


To actually start cracking your password, run:

	john -i=all5 -e=cs-5 passwd
> How do I configure John to crack this faster in a Unix system using DES and
> without shadowed passwords?

I've provided the configuration settings above.  For a single
traditional DES-based crypt(3) hash, this should get your password
cracked within a day worst case on a not-too-ancient CPU (100k c/s).
In practice, you will likely get the password cracked much earlier.

If you're on an x86 system, you should be using an MMX-enhanced build
of John.

Alexander Peslyak <solar at>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598 - bringing security into open computing environments

Was I helpful?  Please give your feedback here:

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ