Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Sun, 17 Jun 2012 11:31:08 -0600
From: Stephen John Smoogen <smooge@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: JTR against 135 millions MD5 hashes

On 17 June 2012 10:28, Frank Dittrich <frank_dittrich@...mail.com> wrote:
> On 06/17/2012 05:40 PM, jfoug wrote:
>> Has anyone been working on this password dump (the original 143million
>> hashes dump)?
>
> I did, for a few days, until I had cracked about 50% and got fed up with
> all the fake passwords.

I found the SHA1 list to be more "meaningful" for testing john and
other dictionaries as there was a lot more found not using
dictionaries and jtr rules. The md5sum ones turned into basically over
60-70% of the megadictionaries from various places+jtr rules. which
basically made looking for things silly.

> Frank



-- 
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Years ago my mother used to say to me,... Elwood, you must be oh
so smart or oh so pleasant. Well, for years I was smart. I
recommend pleasant. You may quote me."  —James Stewart as Elwood P. Dowd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ