Date: Sat, 11 Mar 2006 04:00:08 +0000 From: "hadzijj qwerty" <hadzijj@...mail.com> To: john-users@...ts.openwall.com Subject: Re: does john crack xp passwords correctly? Thank you for very descriptive answer. > >It's seven unknown (not yet cracked) characters followed by the part of >the password that's been cracked (the "M" might be upper- or lower-case, >though - John does not check that). At this point, it is known that the >password is exactly 10 characters long - and only the first 7 characters >remain to be cracked. I'm not sure this is explained in the documentation. Is it somewhere? > >If it's the only password hash you're cracking, you can get some speedup >by restricting your "incremental" mode definition to just 7 character >long passwords (normally, it would try all lengths from 0 to 7 for LM >hashes). In john.conf (or john.ini on Windows), edit this section: > >[Incremental:LanMan] >File = $JOHN/lanman.chr >MinLen = 0 >MaxLen = 7 >CharCount = 69 > >to read: > >[Incremental:LanMan] >File = $JOHN/lanman.chr >MinLen = 7 >MaxLen = 7 >CharCount = 69 Thanks for that suggestion. I have 4 passwords in my passwords file. But the strange thing is that john writes: Loaded 7 passwords with no different salts (NT LM DES [48/64 4K]) AFAIK administrator password is is treated like 1 password, whilst every other password is treated like 2 passwords. Why? > >then interrupt and continue the session (with "john --restore", or >"john-mmx --restore" if you're on Windows). > >However, if you're cracking other password hashes at the same time (not >only Administrator's), then _don't_ follow the above suggestion as there >may remain password halves shorter than 7 characters that are yet to be >cracked. That's understood. > >Provided that you use the current version of John (1.7 or newer) and you >run the MMX build of it, you should get your full Administrator password >cracked reasonably soon (two weeks worst case for a modern CPU, but >chances are that you'd get it cracked _much_ quicker - within hours). I have a version 1.6.39 under debian unstable. Is version 1.7 much faster? Thanks, Hadzij _________________________________________________________________ Don't just search. Find. Check out the new MSN Search! http://search.msn.com/
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.