[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 22 Sep 2006 22:04:37 +0200
From: "Frank Dittrich" <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Loaded # of password hashes in batch mode
Just a minor issue I found in the john-1.7.2 and john-1.7.0.2 versions
(linux-x86-mmx), i didn't test older versions:
The number of different password hashes which is reported on stdout
and in the log file is somewhat confusing.
Example:
>./john --session=batch pw.90
Loaded 27857 password hashes with 90 different salts (Traditional DES [64/64
BS MMX])
guesses: 0 time: 0:00:00:00 0% (1) c/s: 0.00 trying: RAMMYASS - RTZA86H
guesses: 0 time: 0:00:00:01 3% (2) c/s: 12164K trying: 54321 - neerg
guesses: 0 time: 0:00:00:02 86% (2) c/s: 41994K trying: ongissor -
erutangi
guesses: 0 time: 0:00:00:04 (3) c/s: 21279K trying: 1952 - sarah1
guesses: 0 time: 0:00:00:05 (3) c/s: 20405K trying: 48662733 - starlies
guesses: 0 time: 0:00:00:06 (3) c/s: 23337K trying: 0100022 - 0142655
guesses: 0 time: 0:00:00:08 (3) c/s: 24651K trying: 2472 - rji
Session aborted
>./john --restore=batch
Loaded 27857 password hashes with 90 different salts (Traditional DES [64/64
BS MMX])
guesses: 0 time: 0:00:00:08 (3) c/s: 24928K trying: 2474 - rjk
guesses: 0 time: 0:00:00:09 (3) c/s: 27377K trying: andran - arina1
guesses: 0 time: 0:00:00:10 (3) c/s: 26016K trying: shomin - stupon
Session aborted
>./john --session=single --single pw.90
Loaded 27857 password hashes with 90 different salts (Traditional DES [64/64
BS MMX])
guesses: 0 time: 0:00:00:00 100% c/s: 16588K trying: AEG7TZDG - U$UXQPM7
>./john --session=wordlist --wordlist=password.lst pw.90
Loaded 27446 password hashes with 90 different salts (Traditional DES [64/64
BS MMX])
guesses: 0 time: 0:00:00:01 100% c/s: 69329K trying: raiders - zhongguo
>./john --session=incremental --incremental pw.90
Loaded 27446 password hashes with 90 different salts (Traditional DES [64/64
BS MMX])
guesses: 0 time: 0:00:00:00 c/s: 0.00 trying: 1952 - sarah1
guesses: 0 time: 0:00:00:01 c/s: 17196K trying: pin - marren
guesses: 0 time: 0:00:00:02 c/s: 13268K trying: deb - berta
Session aborted
>grep "." batch.log single.log wordlist.log incremental.log | egrep -i
>"(remaining|loaded)"
batch.log:0:00:00:00 Loaded a total of 62788 password hashes with 90
different salts
batch.log:0:00:00:00 Remaining 27857 password hashes with 90 different salts
batch.log:0:00:00:00 - Processing the remaining buffered candidate passwords
batch.log:0:00:00:08 Loaded a total of 62788 password hashes with 90
different salts
batch.log:0:00:00:08 Remaining 27857 password hashes with 90 different salts
single.log:0:00:00:00 Loaded a total of 62788 password hashes with 90
different salts
single.log:0:00:00:00 Remaining 27857 password hashes with 90 different
salts
single.log:0:00:00:00 - Processing the remaining buffered candidate
passwords
wordlist.log:0:00:00:00 Loaded a total of 61575 password hashes with 90
different salts
wordlist.log:0:00:00:00 Remaining 27446 password hashes with 90 different
salts
incremental.log:0:00:00:00 Loaded a total of 61575 password hashes with 90
different salts
incremental.log:0:00:00:00 Remaining 27446 password hashes with 90 different
salts
Looks like john reports the number of (loaded/remaining) hashes for
single mode when running in batch mode, even if the single mode step
has been completed.
62788/61575 and 27857/27446 are the nubers of total and uncracked
hashes, including/excluding duplicates.
For single mode or when using john --show, it is reasonable to report
the total number of hashes including duplicate hashes due to
different user names... - even if it is not mentioned in the
documentation. (I just grepped the doc directory.)
But once the --single step is completed, john should IMHO report
the number of unique hashes (loaded/remaining), even when running
in batch mode.
Should I have attached sample john.pot/john.conf/password files?
Regards,
Frank
--
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ