Date: Wed, 22 Dec 2010 00:45:44 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: pwgen in JavaScript

On Tue, Dec 07, 2010 at 09:18:19AM +0300, Solar Designer wrote:
> ... "JavaScript port of pwgen" (of Ted's pwgen for Unix):
>
> http://8-p.info/pwgen/
[...]
> $ ./john -i=pwgen-js -se=pwgen-js -fo=nt 1k-8-nt
> Loaded 909 password hashes with no different salts (NT MD4 [128/128 X2 SSE2-16])
> Warning: only 60 characters available
>
> guesses: 22 time: 0:00:00:05 c/s: 9086M trying: Ouq9s1f1 - Ouq9s1ie
> guesses: 45 time: 0:00:00:12 c/s: 11528M trying: Iu4a9p3i - Iu4a9p2i
> guesses: 102 time: 0:00:01:00 c/s: 12779M trying: iLi4jebi - iLi4j0lu
> guesses: 148 time: 0:00:03:00 c/s: 11026M trying: Ugc7yo3e - Ugc7yoj9
> guesses: 193 time: 0:00:05:58 c/s: 11133M trying: Py2ige1n - Py2igen6
> guesses: 220 time: 0:00:08:34 c/s: 11324M trying: Pgsu9h2h - Pgsu9h8f
> guesses: 320 time: 0:00:40:37 c/s: 9891M trying: aTt5xp8x - aTt5xtty

If anyone is curious, here's how this attack progressed further:

guesses: 648 time: 0:18:24:44 c/s: 6137M trying: FGqcw1k7 - FGqcw1me
guesses: 730 time: 2:03:38:37 c/s: 4574M trying: kBnqOoMi - kBnqOoM3
guesses: 791 time: 5:06:51:33 c/s: 3423M trying: BdyE7Pur - BdyE7Pg0
guesses: 800 time: 6:04:30:02 c/s: 3215M

(The last line lacks "trying" because I obtained it with "john --status"
after interrupting the main John session.)

> 2.2% (2.4% of 909) cracked in 5 seconds
> 10% (11%) cracked in 1 minute
> 22% (24%) cracked in 8.5 minutes
> 32% (35%) cracked in 40 minutes

65% (71%) cracked in 18.5 hours
73% (80%) cracked in 2 days
80% (88%) cracked in 6 days

> This is mostly _without_ exploiting the problems with Math.random()
> yet. It'd take custom code to exploit those, but then I'd expect all
> passwords to fall within seconds. "[List.External:Strip]" in the
> default john.conf implements this sort of attack for another naive
> password generator.

For those who want more context, my original posting is here:

http://www.openwall.com/lists/john-users/2010/12/07/4

Alexander
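
The quoted text points at Math.random() as a weakness of the JavaScript generator. As an added example (not part of the original post and not code from pwgen or its JavaScript port), this is one way to draw password characters uniformly from the platform CSPRNG instead, using rejection sampling to avoid modulo bias. The names ALPHABET, csprngByte, randomIndex, generatePassword and entropyBits are hypothetical, and the 62-character alphabet is an assumption.

```javascript
// Added example: uniform password generation from a CSPRNG, not Math.random().
// All names below are hypothetical; the alphabet is an assumed choice.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const ALPHABET =
  'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

// Default byte source: one byte from the platform CSPRNG.
function csprngByte() {
  const buf = new Uint8Array(1);
  webcrypto.getRandomValues(buf);
  return buf[0];
}

// Return an unbiased index in [0, n) for 1 <= n <= 256.
// Bytes >= limit are discarded; a plain "byte % n" would favour low indices
// whenever 256 is not a multiple of n.
function randomIndex(n, nextByte = csprngByte) {
  if (!Number.isInteger(n) || n < 1 || n > 256) {
    throw new RangeError('n must be an integer in 1..256');
  }
  const limit = 256 - (256 % n);
  let b;
  do {
    b = nextByte();
  } while (b >= limit);
  return b % n;
}

// Every position is drawn independently, with no pronounceability pattern.
function generatePassword(length, alphabet = ALPHABET, nextByte = csprngByte) {
  let out = '';
  for (let i = 0; i < length; i++) {
    out += alphabet[randomIndex(alphabet.length, nextByte)];
  }
  return out;
}

// Entropy in bits when each character is independent and uniform.
function entropyBits(length, alphabetSize) {
  return length * Math.log2(alphabetSize);
}
```

The nextByte parameter exists so the sampling logic can be checked with a fixed byte sequence; production callers leave it at the default.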