Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 22 Jan 2008 21:52:52 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: few passwords cracked (was: different formats..)

Steve (and everyone) - please use a descriptive message Subject and
start a new thread (post your message anew, not as a "reply") whenever
you post something on a new topic.

On Tue, Jan 22, 2008 at 09:18:42AM -0500, Steve ...... wrote:
> I dont know whats up but john used to come through for me
> more often I think then he is now.. this is after 15 hours of running...
> something must be wrong right?..

Not necessarily.  Those systems might have mostly strong passwords.  It
is impossible to tell from just the information you have provided.  (How
many hashes did JtR load for that 15-hour cracking session?)

> lynx@box:~/****$ john --show smallshadow
> halu:111111:12668:0:99999:7::::
> 1 password cracked, 838 left
> 
> lynx@box:~/*****/big$ john --show bigshadow
> vmspam:none:98006:98000::::Incoming:/home/sites/site98/users/vmspam:/bin/ftponly:www.******.com
> etc.....
> 26 passwords cracked, 3229 left

This looks good (except that you should have used "unshadow" on the
first file and that you're using an outdated version of JtR - but this
shouldn't have affected the number of cracked passwords that much).

If you really let JtR run against all of those hashes for 15 hours (this
is not seen from your posting), giving it the proper "--format=..."
option if necessary, then most of those passwords are likely pretty
strong.  If so, perhaps the systems have password policy enforcement in
place.

Another possibility is that the systems you got these files from had
some local customizations, making some of the uncracked hashes
incompatible with JtR, but this is unlikely.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.