Date: Tue, 4 Apr 2006 02:53:16 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: John-the-ripper run on Trusted HP-UX I wrote, commenting on the output of a cracking session against a HP-UX password file: > > This is correct. This output means that John has successfully cracked > > the endings of those passwords (characters past 8). For example, > > h0058's password is 9 characters long and ends in a dollar sign. The > > ":2" after usernames means "second part of the password". On Mon, Apr 03, 2006 at 02:08:33PM -0700, Greg Barry wrote: > Am I correct to assume that john has run against the first 8 chars > of the passwd as well as the characters past 8 Yes. John runs against all of the loaded password hashes - and against both halves of split ones (whenever applicable) - in parallel. The reason only second halves got cracked in your case is that they're shorter and thus easier to crack. -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments Was I helpful? Please give your feedback here: http://rate.affero.net/solar
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.