Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Mon, 3 Sep 2012 02:29:34 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking Word files?

On Mon, Sep 03, 2012 at 12:20:57AM +0200, Paul van Hoven wrote:
> So what I did what feeding john with the hash. The first file (which I
> also provided to you in this email thread) was cracked after about 7
> minutes in my virtual machine. Then I created a new file with the
> password "password23". Now, currently john is already trying to crack
> this file for now about 2 hours and it is still not finished yet.

Try:

./john -w=password.lst --rules=jumbo FILENAMEHERE

to enable more wordlist rules.

By default, JtR won't crack this password, unfortunately.  The "append
two digits" rule (as opposed to appending just one digit) is not
included in the default wordlist mode ruleset, and incremental mode is
limited to lengths up to 8 by default.  Yes, we need to improve the
defaults.

The "jumbo" ruleset includes this rule (and a lot more).

Alexander

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ