Date: Fri, 7 Apr 2006 08:24:36 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: new at this cracker business Jay, I wrote: > >While the output of John cracking sessions can be informative, that's > >not what you should be using to obtain the cracked passwords. Use > >"john --show SAM.txt" instead - this will combine the halves for you. On Fri, Apr 07, 2006 at 04:17:13AM +0000, jay rubin wrote: > When I run the above command line it stated 4 passwords cracked, 4 left More correctly, it should have been referring to "password hashes", not "passwords" - where it counts LM hash halves as separate hashes (I know, this is not perfect). > but did not try to crack the remaining 4. Indeed. The "--show" option, as the name suggests, just displays whatever is already cracked. It does not crack anything new. If you want John to try to crack some of the remaining hashes, you can "--restore" a previous cracking session (preferred) or start a new one. Didn't you say you already had more of these cracked, though? Did you possibly delete your john.pot and start anew? -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.