Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 5 Jun 2012 09:08:51 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: GPU formats vs Test Suite

I made changes to the CPU version of cash-2 so that any salt > 19 is deemed
invalid, and get 1410 hashes cracked, so I believe 1410 IS the correct
value.  Also, from memory, 1410 was the 'right' value, as long as the input
file had not changed.  This was the count I 'was' getting with the CPU
version, prior to when I rewrote it.  It used to have a 19 char salt limit.

 

So if 19 char salts will be the max used in the opencl, then simply change
this line in the jtrts.dat file:

 

(opencl)(gpu),(X),(jumbo)&(opencl),50,mscash2-opencl,pw,MSCash2_tst.in,mscas
h2-opencl,Y,X,(1500),(1500)

 

To this:

 

(opencl)(gpu),(X),(jumbo)&(opencl),50,mscash2-opencl,pw,MSCash2_tst.in,mscas
h2-opencl,Y,X,(1500)(1410),(1500)(1410)

 

NOTE, I left the 1500 count, just in case you later update the format, and
allow 22 byte salts.  Having the 1500 there will not impact current running.
If the ts finds either 1500 or 1410 being cracked, it will allow it to be
passed.

 

Jim.

 

From: SAYANTAN DATTA [mailto:std2048@...il.com] 



So I increased the MAX_SALT_LENGTH to 23 to avoid buffer overrun and also
decreased PLAINTEXT_LENGTH to 31. Now it is guessing 1410 passwords. other
90 passwords can't be cracked by my due to the salt length issue.

Any reason why reducing the PLAINTEXT_LENGTH increses guessing?? Previously
it was set to 40.


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.