Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Feb 2017 15:40:42 +0100
From: Patrick Proniewski <p+password@...atpro.net>
To: john-users@...ts.openwall.com
Subject: Re: to Single or not to Single

On 03 févr. 2017, at 16:34, Solar Designer wrote:

> On Fri, Feb 03, 2017 at 04:01:42PM +0100, Patrick Proniewski wrote:
>> $ time ./john --single=None --nolog --verbosity=1 pw-1M  --pot=pw-1M.pot
>> Using default input encoding: UTF-8
>> Loaded 1000000 password hashes with 1000000 different salts (dynamic_25 [sha1($s.$p) 128/128 AVX 4x1])
>> Press 'q' or Ctrl-C to abort, almost any other key for status
>> 1000000g 0:00:00:06 DONE (2017-02-03 15:45) 166449g/s 166449p/s 166449c/s 166449C/s abtvb
>> Session completed
>> 
>> real    0m12.747s
>> user    0m8.558s
>> sys     0m1.874s
>> 
>> not so far, then. That's strange :/
> 
> What salt length(s) do your hashes use?

It's variable, it's a number from 1 to 10^9


> Meanwhile, you may try this:
> 
> Change SINGLE_HASH_LOG to 0 in params.h.  There are two places where
> it's defined differently depending on build type - you may simply edit
> both to set this value to 0.
> 
> Then build with:
> 
> make distclean
> ./configure --disable-native-tests CFLAGS='-O2 -mno-sse2 -mno-mmx -U__SSE__'
> make -sj8


I've made the modification and compiled along with my usual options:

./configure CC=gcc5 LDFLAGS=-L/usr/lib -L/usr/local/lib/gcc5 --disable-native-tests CFLAGS=-O2 -mno-sse2 -mno-mmx -U__SSE__ -I/usr/include/openssl --disable-pkg-config --disable-openmp

> $ time ./john --single=None --nolog --verbosity=1 pw-1M 
> Using default input encoding: UTF-8
> Loaded 1000000 password hashes with 1000000 different salts (dynamic_25 [sha1($s.$p) 64/64])
> Press 'q' or Ctrl-C to abort, almost any other key for status
> 1000000g 0:00:00:03 DONE (2017-02-03 18:16) 332225g/s 332225p/s 332225c/s 332225C/s abtvb
> Session completed
> 
> real    0m7.327s
> user    0m5.576s
> sys     0m0.679s

got: 

$ time ./john --single=None --nolog --verbosity=1 pw-1M --pot=foo.pot
Using default input encoding: UTF-8
Loaded 1000000 password hashes with 1000000 different salts (dynamic_25 [sha1($s.$p) 64/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
1000000g 0:00:00:04 DONE (2017-02-04 14:38) 246153g/s 246153p/s 246153c/s 246153C/s abtvb
Session completed

real    0m10.368s
user    0m7.687s
sys     0m0.599s

And if I try my more realistic file, I have:

$ time ./john --single=None --nolog --verbosity=1 pw-1M-real --pot=bar.pot
Using default input encoding: UTF-8
Loaded 1000000 password hashes with 1000000 different salts (dynamic_25 [sha1($s.$p) 64/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
31291g 0:00:00:07 50.00% (ETA: 14:40:21) 3942g/s 6367p/s 6367c/s 6367C/s bbyyo
57420g 0:00:00:24 50.00% (ETA: 14:40:55) 2305g/s 3729p/s 3729c/s 3729C/s kmyix
89236g 0:00:01:01 50.00% (ETA: 14:42:09) 1441g/s 2337p/s 2337c/s 2337C/s ayxcwx
124505g 0:00:02:06 50.00% (ETA: 14:44:19) 981.1g/s 1589p/s 1589c/s 1589C/s cmxs
...

I can see that it tries only one candidate per hash which is expected. But when I try my real hash file, I see this:

$ ./john --single=None --nolog --verbosity=1 /home/patpro/WORK/aa --pot=dummy.pot
Using default input encoding: UTF-8
Loaded 4741469 password hashes with 4741469 different salts (dynamic_25 [sha1($s.$p) 64/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
1778g 0:00:00:06  255.1g/s 3371p/s 3371c/s 3371C/s vincent@....vincent@...incent
2744g 0:00:00:15  171.6g/s 2217p/s 2217c/s 2217C/s giovanni@...giovanni@...ovanni
4034g 0:00:00:35  112.1g/s 1444p/s 1444c/s 1444C/s d@rk@...l6..d@rk@...l6d
4635g 0:00:00:48  95.61g/s 1238p/s 1238c/s 1238C/s surfs_up24..surfs_up24surfs
Session aborted

It looks like john is trying something with my candidates, doing a bunch of variations. And the "50.00%" has disappeared too, hinting something's changed. I can't find what. Same john binary, same config file, same command line options, always an empty pot at start.

I'm puzzled.
Any idea ?

patpro


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.