[<prev] [next>] [<thread-prev] [month] [year] [list]
Date: Sun, 24 Feb 2008 05:52:13 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: single character passwords on stdout
On Mon, Feb 18, 2008 at 08:26:48PM +1300, Russell Fulton wrote:
> Over the weekend I ran a couple of thousand LM hashes through JTR. I
> remembered seeing a whole bunch of single character passwords scroll
> up the screen and vanish rapidly off the top.
...
> What I did find in the --show output were several passwords listed
> as ???????X where 'X' was a digit or uppercase char. I'm guessing
> that these were what I briefly glimpsed disappearing off the screen
> and represent the second hash from an 8 char password which JtR
> processes separately.
That's correct, and you can confirm it by checking out the log file -
for the second halves, it will list usernames such as "user:2" - it's
the ":2" which refers to the second hash half.
Also, it is likely that many first halves got cracked that correspond to
the single-character second halves - so some of those single-character
"passwords" that you saw scroll off the screen actually correspond to
last characters of fully cracked passwords that you see on "--show".
I mean that you don't see all of those single-character "passwords" on
the lines with the question marks - many are on lines without any
question marks. :-)
Alexander
--
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux