Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 29 Jun 2012 13:55:27 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: For some dynamic formats on linux-x86-mmx build cracking
 depends on password candidate sequence

On 06/29/2012 01:33 PM, Frank Dittrich wrote:
> $ cd test
> $ mv pw.dic pw.dic.orig
> $ LC_ALL=C tac pw.dic.orig > pw.dic
> 
> $ sha1sum pw.dic.orig pw.dic
> 71e6e0bb9c766c2030730ee1effde079b9fb1222  pw.dic.orig
> ee862671a9c34fc76b863670782b3959d0319caa  pw.dic
> 
> $ ./jtrts.pl -q dynamic
> -------------------------------------------------------------------------------
> - JtR-TestSuite (jtrts). Version 1.12.4, June 22, 2012.  By, Jim
> Fougeron & others
> - Testing:  John the Ripper password cracker, ver: 1.7.9-jumbo-6
> [linux-x86-mmx]
> --------------------------------------------------------------------------------
> form=dynamic_2                    guesses: 1496 time: 0:00:00:00 :
> Expected count(s) (1500)  [!!!FAILED!!!]

I forgot to mention that this test used to pass for jumbo-6.

All affected formats use a sequence of either
md5(md5($p))
or
md5(md4($p))


For the new clang target, I get the same problem, just fewer guesses
than for mmx.

$ ./jtrts.pl dynamic -q
-------------------------------------------------------------------------------
- JtR-TestSuite (jtrts). Version 1.12.4, June 22, 2012.  By, Jim
Fougeron & others
- Testing:  John the Ripper password cracker, ver: 1.7.9-jumbo-6
[linux-x86-clang]
--------------------------------------------------------------------------------
form=dynamic_2                    guesses: 1482 time: 0:00:00:00 :
Expected count(s) (1500)  [!!!FAILED!!!]
form=dynamic_2-raw                guesses: 1482 time: 0:00:00:00 :
Expected count(s) (1500)  [!!!FAILED!!!]
form=dynamic_3                    guesses: 1482 time: 0:00:00:00 :
Expected count(s) (1500)  [!!!FAILED!!!]
form=dynamic_3-raw                guesses: 1482 time: 0:00:00:00 :
Expected count(s) (1500)  [!!!FAILED!!!]
form=dynamic_34                   guesses: 1482 time: 0:00:00:00 :
Expected count(s) (1500)  [!!!FAILED!!!]
Some tests had Errors. Performed 42 tests.5 errors
Time used was 138 seconds



$ ../run/john -ses=./tst -nolog -pot=./tst.pot dynamic_2_tst.in
--wordlist=pw.dic
Loaded 1500 password hashes with no different salts (dynamic_2:
md5(md5($p)) (e107) [128/128 SSE2 intrinsics 8x4x4])
Remaining 18 password hashes with no different salts
guesses: 0  time: 0:00:00:00 DONE (Fri Jun 29 13:54:38 2012)  c/s:
698160  trying: limiey - Skippin� an�*

$ ../run/john -ses=./tst -nolog -pot=./tst.pot dynamic_2_tst.in
--wordlist=pw.dic.orig
Loaded 1500 password hashes with no different salts (dynamic_2:
md5(md5($p)) (e107) [128/128 SSE2 intrinsics 8x4x4])
Remaining 18 password hashes with no different salts
let�ein          (u46-dynamic_2)
swordfish        (u47-dynamic_2)
limiey           (u48-dynamic_2)
jus�m�size       (u168-dynamic_2)
out�eft          (u169-dynamic_2)
hhello__1        (u170-dynamic_2)
gobble__3        (u292-dynamic_2)
summer__3        (u293-dynamic_2)
pentium__4       (u405-dynamic_2)
PIII__4          (u406-dynamic_2)
�utle�t__1       (u407-dynamic_2)
characters__5    (u532-dynamic_2)
good to KN0W__5  (u533-dynamic_2)
asdfasfga__7     (u658-dynamic_2)
flasjkdfw__7     (u659-dynamic_2)
Sword��sh__3     (u778-dynamic_2)
�word�ish__3     (u779-dynamic_2)
HookFish__10     (u905-dynamic_2)
guesses: 18  time: 0:00:00:00 DONE (Fri Jun 29 13:55:01 2012)  c/s:
47831  trying: inkjet__9 - qwerty__11
Use the "--show" option to display all of the cracked passwords reliably

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.