Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 29 Dec 2009 02:16:19 +0300
From: Solar Designer <>
Subject: Re: JtR 1.7.4 and jumbo patch update

On Mon, Dec 28, 2009 at 06:00:06PM -0500, Rich Rumble wrote:
> 0-5 chars (LM) using default passwd.lst and un-commenting all rules in
> john.conf (I am crazy)
> on a Intel Core 2 Duo at 2.33Ghz takes under 3 minutes
> Loaded 23 password hashes with no different salts (LM DES [128/128 BS SSE2])
> PASSWOR          (test:1)
> AAA              (test-4)
> D                (test:2)
> EME              (test:2)
> guesses: 4  time: 0:00:00:01 (3)  c/s: 5514K  trying: SMPX - 2MPU
> $!+V3            (test:2)
> guesses: 5  time: 0:00:01:17 (3)  c/s: 203350K  trying: =R=S/ - =R=10
> guesses: 5  time: 0:00:02:51 (3)  c/s: 213487K  trying: |||`} - ||||}

Yeah, that's about right, and you would probably get more passwords
cracked during that time if you did not limit the length.  As to you
uncommenting the "crazy" rules, that's fine for very fast hashes like
that, and it actually did not affect this run's duration - as we can
see, it proceeded to "incremental" mode (shown as pass 3) after just one
second.  If you want to try the word mangling rules some more, you can
run JtR with the jumbo patch like this:

./john -w=password.lst --rules=single pwdump-file


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.