Date: Thu, 4 Aug 2011 01:40:01 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: issues with 1.7.8-jumbo-5 On Wed, Aug 03, 2011 at 11:23:51PM +0200, magnum wrote: > On 2011-08-03 20:06, Solar Designer wrote: > >On a linux-x86-64 build, I am getting a segfault when using --stdin > >or --pipe along with a large NT hash file. With a 100k entry file, the > >segfault occurs before the very last password would be cracked. With a > >1M entry file, it appears to occur a bit sooner (occurs instantly when I > >already have 900k+ of cracked hashes in john.pot). Need to similarly > >test -jumbo-4 to see if it's a new bug... > > I could reproduce this: > > 1. created an NT test file from the cp1251 lower.gz from openwall (93k > entries) > 2. ran John against this file, using the rockyou list as dictionary > > Segfault before one single hash was cracked. When I first tried it using > the same lower.gz as dictionary, all was good and everything was cracked. > > Does not happen with jumbo-2 so this is likely something Jim introduced > when implementing -pipe. I hope it's an easy one, the -pipe option is > awesome! For me, the problem occurs with -jumbo-5, but not with -jumbo-4, but on the other hand -jumbo-4 somehow fails to crack one of 100k passwords (maybe an error in the input file, though). solar@owl:~/john/john-1.7.8-jumbo-5/run $ cut -d: -f5 ~/john/pw-fake-nt1m | ./john -stdin -fo=nt ~/john/pw-fake-nt100k [...] encloser (u99997) enclosers (u99998) encloses (u99999) Segmentation fault solar@owl:~/john/john-1.7.8-jumbo-4/run $ cut -d: -f5 ~/john/pw-fake-nt1m | ./john -stdin -fo=nt ~/john/pw-fake-nt100k [...] encloser (u99997) enclosers (u99998) encloses (u99999) guesses: 99999 time: 0:00:01:07 c/s: 74665K trying: agterneef - agterplase Use the "--show" option to display all of the cracked passwords reliably solar@owl:~/john/john-1.7.8-jumbo-4/run $ cut -d: -f5 ~/john/pw-fake-nt1m | ./john -stdin -fo=nt ~/john/pw-fake-nt100k Loaded 100000 password hashes with no different salts (NT MD4 [128/128 X2 SSE2-16]) Remaining 1 password hash guesses: 0 time: 0:00:00:00 c/s: 1111K trying: agterneef - agterplase The pw-fake-nt100k file (gzip compressed) may be downloaded from: http://openwall.info/wiki/john/sample-hashes (scroll down to the end of this wiki page) Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.