Date: Wed, 4 Jul 2007 15:26:56 +0100 From: "Larry Bonner" <larry.bonner1@...il.com> To: john-users@...ts.openwall.com Subject: Re: "incremental" mode vs. dumb exhaustive searches i would just like to point out first of all, that i do not represent or wish to "plug" passwordspro or saminside applications on this mailing list. > My guess is that you haven't run enough comparisons of JtR against other > tools what i did was run JTR in incremental mode using alpha.chr on LM hashes, this was timed from beginning to end on an amd64 2 ghz cpu. it only took about ~16 minutes, so i really wasn't that bothered in what way the password strings were generated. i used 1 hash for both SAMInside and JTR, and SI proved slightly faster..i do not have results right here, but you may try for yourself if you wish. when i tried multiple hashes, JTR decreased in speed while SI stayed relatively the same speed as with 1 hash, i realised soon after why this was happening, but won't say just now. JTR is much faster at attacking des crypt() and md5crypt() hashes than ppro, cain or any other password cracker available that i know of, that i can say for certain. this is mainly due to using kwans sboxes in DES and some optimizations in md5crypt() that aren't used in PPro, although, again at the moment atleast, i have no evidence to back up the claim..i'm sure you won't dismiss that claim quicker. No, saminside or ppro does not feature an attack of NTLMv1 challenge/response (who or what uses NTLMv1 challenge/response?), and the optimizations against NTLMv1 in saminside to the best of my knowledge are only effective against unsalted passwords, which are more commonly attacked. > > The performance for NTLM hashes should be similar (or JtR may actually > be faster), due to Alain Espinosa's optimized code: > Alains code is not faster than SI for normal NTLMv1.. i have no hard evidence to present right this moment, but when i get some time from work, i would be quite happy to do this, and also provide a tool to show a "new" method of attacking md4/md5 hash-based passwords, including md5crypt. Alains code is very good, but i'm afraid that sse2 alone is not as efficient as x86 alone, but together..less dependencies, better pipelining, means better performance. atleast on x86, it is possible to utilize 8 32-bit registers, and 8 sse2 registers, so it is possible to compute 6 hashes at once. on the x64 cpu, it is possible to do 18 hashes each time, but is debateable whether it has advantage or not. sorry if i haven't addressed all your points, i will asap!
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.