Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 28 Dec 2009 23:14:51 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: JtR 1.7.4 and jumbo patch update

On Sun, Dec 27, 2009 at 08:01:42PM -0500, Charles Weir wrote:
> Here is some benchmark data for running 1.7.3.4 and 1.7.4 on MacOSX
> 10.6.2 Snow Leopard:
> 
> Goal: To evaluate the running time differences between JtR 1.7.3.4 and
> 1.7.4 due to modifications made in 1.7.4 with regard to how word
> mangling rules are implemented.

Yes, thank you!  This is precisely what I wanted - this kind of testing
and benchmarks, especially with non-default rulesets.

> http://sites.google.com/site/reusablesec/Home/john-the-ripper-files/john-the-ripper-sample-configs-1

Thank you for sharing this.  As you're aware, this ruleset might produce
lots of duplicate candidate passwords, especially with length-limited
and/or case-insensitive hashes.  I don't think adding some "-c" flags
and some "<*" and "<-" commands would make it a lot less readable, so
you could want to do that.  Also, if you have ":" (no-op), you need to
use "l Q" instead of just "l", and ditto for "c" and "u".  One thing
that is completely unclear to me is your use of "Ct" instead of just "c" -
why is that?

BTW, with 1.7.4 you can make the ruleset shorter.  For example, the
following lines:

/a lsa@
/e lse3
/l lsl1
/o lso0
/s lss$

may be replaced with:

/[aelos] l s\0\p[@310$]

> Running JtR version 1.7.3.4
[...]
> words: 10495949352  time: 0:01:04:26 100%  w/s: 2714K  current: 9zzzzzzzthi$

> Running JtR version 1.7.4
[...]
> words: 10495945056  time: 0:00:49:48 100%  w/s: 3512K  current: 9zzzzzzzthi$

> JtR 1.7.4 ran noticeably faster than JtR 1.7.3.4, completing its
> session in 76% of the time it took 1.7.3.4 to finish. The one anomaly
> was that the 1.7.4 session outputted that it made 10,495,945,056
> guesses, while the 1.7.3.4 session outputted that it made
> 10,495,949,352 guesses. The difference in guesses may have just been a
> reporting issue, (aka the final count might not be updated), but I'll
> leave it to someone more knowledgeable to answer that question.

No, it's not just a reporting issue.  More like a bug, and I have in
fact just found and fixed a relevant bug.  Can you please repeat the
test of 1.7.4 with the attached patch?

Please make no changes to the ruleset for this test yet.  We need to
make sure the bug is fixed first.

Thanks again,

Alexander

View attachment "john-1.7.4-last-fix.diff" of type "text/plain" (2699 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.