Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 22 Jan 2008 21:52:52 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: few passwords cracked (was: different formats..)

Steve (and everyone) - please use a descriptive message Subject and
start a new thread (post your message anew, not as a "reply") whenever
you post something on a new topic.

On Tue, Jan 22, 2008 at 09:18:42AM -0500, Steve ...... wrote:
> I dont know whats up but john used to come through for me
> more often I think then he is now.. this is after 15 hours of running...
> something must be wrong right?..

Not necessarily.  Those systems might have mostly strong passwords.  It
is impossible to tell from just the information you have provided.  (How
many hashes did JtR load for that 15-hour cracking session?)

> lynx@box:~/****$ john --show smallshadow
> halu:111111:12668:0:99999:7::::
> 1 password cracked, 838 left
> 
> lynx@box:~/*****/big$ john --show bigshadow
> vmspam:none:98006:98000::::Incoming:/home/sites/site98/users/vmspam:/bin/ftponly:www.******.com
> etc.....
> 26 passwords cracked, 3229 left

This looks good (except that you should have used "unshadow" on the
first file and that you're using an outdated version of JtR - but this
shouldn't have affected the number of cracked passwords that much).

If you really let JtR run against all of those hashes for 15 hours (this
is not seen from your posting), giving it the proper "--format=..."
option if necessary, then most of those passwords are likely pretty
strong.  If so, perhaps the systems have password policy enforcement in
place.

Another possibility is that the systems you got these files from had
some local customizations, making some of the uncracked hashes
incompatible with JtR, but this is unlikely.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.