Date: Wed, 4 Jul 2007 15:26:56 +0100
From: "Larry Bonner" <>
Subject: Re: "incremental" mode vs. dumb exhaustive searches

i would just like to point out first of all, that i do not represent or wish
to "plug" passwordspro or saminside applications on this mailing list.

> My guess is that you haven't run enough comparisons of JtR against other
> tools

what i did was run JTR in incremental mode using alpha.chr on LM hashes,
this was timed from beginning to end on an amd64 2 ghz cpu.
it only took about ~16 minutes, so i really wasn't that bothered in what way
the password strings were

i used 1 hash for both SAMInside and JTR, and SI proved slightly faster.. i
do not have results right here, but you may try for yourself if you wish.

when i tried multiple hashes, JTR decreased in speed while SI stayed
relatively the same speed as with 1 hash, i realised soon after why this
was happening, but won't say just now.

JTR is much faster at attacking des crypt() and md5crypt() hashes than ppro,
cain or any other password cracker available that i know of, that i can say
for certain.
this is mainly due to using Kwan's sboxes in DES and some optimizations in
md5crypt() that aren't used in PPro, although, again at the moment at least,
i have no evidence to back up the claim.. i'm sure you won't dismiss that
claim quicker.

No, saminside or ppro does not feature an attack of NTLMv1
challenge/response (who or what uses NTLMv1 challenge/response?), and the
optimizations against NTLMv1 in saminside to the best of my knowledge are
only effective against unsalted passwords, which are more commonly attacked.

> The performance for NTLM hashes should be similar (or JtR may actually
> be faster), due to Alain Espinosa's optimized code:

Alain's code is not faster than SI for normal NTLMv1.. i have no hard
evidence to present right this moment, but when i get some time from work, i
would be quite happy to do this, and also provide a tool to show a "new"
method of attacking md4/md5 hash-based passwords, including md5crypt.

Alain's code is very good, but i'm afraid that sse2 alone is not as efficient
as x86 alone, but together.. less dependencies, better pipelining, means
better performance.
at least on x86, it is possible to utilize 8 32-bit registers, and 8 sse2
registers, so it is possible to compute 6 hashes at once.

on the x64 cpu, it is possible to do 18 hashes each time, but it is debatable
whether it has advantage or not.
sorry if i haven't addressed all your points, i will asap!
