[<prev] [next>] [thread-next>] [month] [year] [list]
Date: Thu, 29 Apr 2004 10:39:38 -0400
From: Luke.K.Franzelas@...star.net
To: owl-users@...ts.openwall.com
Subject: Question: John The Ripper and Word-list issues with Windows versions
I am new at this so please don't be brutal :)
I have searched the Openwall page for a JTR faq and I'm either blind or
this is the method of asking questions. (I am probably blind) I hope this
is the appropriate forum to ask my question.
I have downloaded and installed the john-16W zipped version of JTR. The
brute force method that runs by typing "john.exe <passwordfile> seems to
run fine.
However, when I want to do just a dictionary check I type this command
"john.exe -w:<wordfile> <passwordfile> I get the following output:
john.exe -w:english.txt passshadow.txt
Loaded 3 passwords with 3 different salts (Standard DES [24/32 4K])
guesses: 0 time: 0:00:00:01 100% c/s: 126501 trying: z's - zygote
It seems that only the tail end of the wordlist is being used against the
passwordfile. I have tried multiple different word lists. I have even
tried removing the sections of the wordlist that were successfully
attempted and repeating. This only produced similar results by only
indicating the new tail end of the password file.
The unshadowed password and shadow file I am using is from a test box where
I know what all the passwords are. One of the passwords is "password" The
word "password" is in my english dictionary list and does not appear to be
tried against any of the accounts. When I create a new dictionary list
with just the word "password" in it the user account is cracked. So it
appears that the entire dictionary word list is not being utilized when
running the software.
Similarly when I run the follwing command the dictionary wordfile only
seems to use more of the word list but does not crack the test user account
with the simple "password." I redo the unshadow on the original passwd and
shadow files and alter the password list name to ensure that it is not
remembering the cracked passwords from earlier. The result is as follows.
john.exe -show passwordtest.txt
root:root01:0:1:Super-User:/:/sbin/sh
(it seems that it remembers the root password crack)
1 password cracked, 4 left
john.exe -w:english.txt -rules passwordtest.txt
Loaded 4 passwords with 4 different salts (Standard DES [24/32 4K])
guesses: 0 time: 0:00:00:01 1% c/s: 130816 trying: ribald - risible
guesses: 0 time: 0:00:00:02 4% c/s: 130880 trying: Lobe - Loomed
guesses: 0 time: 0:00:00:03 6% c/s: 130901 trying: potholes - primeses
guesses: 0 time: 0:00:00:05 12% c/s: 130944 trying: trenchtr - turkeytu
guesses: 0 time: 0:00:00:07 14% c/s: 130962 trying: 1gab - 1gardeni
guesses: 0 time: 0:00:00:08 17% c/s: 147344 trying: cheeks2 - chuck2
guesses: 0 time: 0:00:00:10 23% c/s: 144076 trying: armada7 - assign7
guesses: 0 time: 0:00:00:12 28% c/s: 141898 trying: johann4 - kodak4
guesses: 0 time: 0:00:00:14 33% c/s: 140342 trying: voyages6 - warmly6
guesses: 0 time: 0:00:00:16 38% c/s: 139176 trying: sprints? - stared?
guesses: 0 time: 0:00:00:18 45% c/s: 138268 trying: noveD - sdnomdE
guesses: 0 time: 0:00:00:20 48% c/s: 137542 trying: Rekcup - Reifirup
guesses: 0 time: 0:00:00:22 52% c/s: 136948 trying: 2beholde - 2beryl
guesses: 0 time: 0:00:00:28 66% c/s: 135675 trying: Theory7 - Tickled7
guesses: 0 time: 0:00:00:30 71% c/s: 135364 trying: Secant8 - Serge8
guesses: 0 time: 0:00:00:32 76% c/s: 135092 trying: Pilings0 - Planets0
guesses: 0 time: 0:00:00:34 80% c/s: 134851 trying: 7owns - 7pander
guesses: 0 time: 0:00:00:36 83% c/s: 134638 trying: 5inextin - 5inkling
guesses: 0 time: 0:00:00:38 86% c/s: 134447 trying: 8erasure - 8euphori
guesses: 0 time: 0:00:00:40 91% c/s: 134275 trying: creoling - dixiing
guesses: 0 time: 0:00:00:42 100% c/s: 134090 trying: Yeshivin - Zygoting
john.exe -show passwordtest.txt
root:root01:0:1:Super-User:/:/sbin/sh
1 password cracked, 4 left
What am I doing wrong? How do I improve the output of the wordlist check
to ensure it checks all the words and catches simple passwords like
"password"?
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux