Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Tue, 22 Jan 2008 14:30:08 -0500
From: "Steve ......" <lynx.9595@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: few passwords cracked (was: different formats..)

 > Not necessarily.  Those systems might have mostly strong passwords.  It
> is impossible to tell from just the information you have provided.  (How
> many hashes did JtR load for that 15-hour cracking session?)

as shown below it loaded 838 and 3229 hashes of which 27 passwords were
cracked!

I dont believe it is entirely because they are strong passwords, if thats
the case. its from about 12 different boxses with I dont believe any
addtional security in place.. there has GOT to be more then 1 weak password
out of a total of 838 hashes... and more then 26 out of 3229 hashes.. so Im
kinda clueless as to why its not cracking properly.. I think Im gonna try
reinstall john with the newest version but I dont see that changing much.

Im not sure what else information I can provide to see what excatly is going
on.. =/

> lynx@...:~/****$ john --show smallshadow
> halu:111111:12668:0:99999:7::::
> 1 password cracked, 838 left
>
> lynx@...:~/*****/big$ john --show bigshadow
>
vmspam:none:98006:98000::::Incoming:/home/sites/site98/users/vmspam:/bin/ftponly:www.******.com
> etc.....
> 26 passwords cracked, 3229 left

> This looks good (except that you should have used "unshadow" on the
> first file and that you're using an outdated version of JtR - but this
> shouldn't have affected the number of cracked passwords that much).

> If you really let JtR run against all of those hashes for 15 hours (this
> is not seen from your posting), giving it the proper "--format=..."
> option if necessary, then most of those passwords are likely pretty
> strong.  If so, perhaps the systems have password policy enforcement in
> place.

> Another possibility is that the systems you got these files from had
> some local customizations, making some of the uncracked hashes
> incompatible with JtR, but this is unlikely.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ