Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 26 Jun 2006 02:28:06 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: faster scan for blowfish on OpenBSD 3.9

On Sun, Jun 25, 2006 at 04:13:38PM +1000, atstake atstake wrote:
> I am using John 1.6.40 on OpenBSD 3.9 on a P-III 665MHz PC. My target
> is to get the password of a single user which is in OpenBSD's blowfish
> format. The password is 12 characters long and a combination of
> [A-Za-z0-9] and meta-characters.

Well, chances are that you won't get that password cracked within your
lifetime unless either you know more information about the password
(such as a part of it) or the password is in fact weak (e.g., just a
dictionary word with a digit appended to it).

> I also have a dictionary which is 50megs & john uses this as my default
> dictionary.

Since I haven't seen your wordlist, I do not know whether it is any
good.  You might have better luck letting John run the tiny password.lst
with wordlist rules first.

> guesses: 0  time: 0:01:46:53 0% (2)  c/s: 57.35  trying: belurelsen

This line indicates that John is at pass number 2 - that is, it's done
with "single crack" mode and is now running through your wordlist.  It
has completed less than 1% of the wordlist-based cracking pass.

> I ran it for about 3 hours with little luck.

That's no surprise.

> [Incremental:All]
> File=/usr/local/share/john/all.chr
> MinLen=11
> MaxLen=12
> CharCount=95
> 
> but john is not taking the MinLen as 11.

As discussed on this mailing list before, that won't work.

> Can john crack this password if I run it for long enough

While you could set it up such that it would try all 12-character
candidate passwords eventually, it is not going to actually complete a
noticeable portion of that password space within your lifetime.

> or should I try any other method?
[...]
> Is there anything else I should try to make the crack faster?

While I could provide advice on restricting John to your known password
length and such, that is not going to be enough to get the password
cracked anyway.  You really need to know more about the password - or
you merely run John for a while to make sure that the password is not
weak and then you give up.

John is not supposed to crack all passwords.  Instead, you use it to
detect weak passwords.  It sounds like this time you've got a strong
password - and it is processed with a strong password hashing method.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.