Date: Mon, 28 Dec 2009 23:14:51 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: JtR 1.7.4 and jumbo patch update On Sun, Dec 27, 2009 at 08:01:42PM -0500, Charles Weir wrote: > Here is some benchmark data for running 220.127.116.11 and 1.7.4 on MacOSX > 10.6.2 Snow Leopard: > > Goal: To evaluate the running time differences between JtR 18.104.22.168 and > 1.7.4 due to modifications made in 1.7.4 with regard to how word > mangling rules are implemented. Yes, thank you! This is precisely what I wanted - this kind of testing and benchmarks, especially with non-default rulesets. > http://sites.google.com/site/reusablesec/Home/john-the-ripper-files/john-the-ripper-sample-configs-1 Thank you for sharing this. As you're aware, this ruleset might produce lots of duplicate candidate passwords, especially with length-limited and/or case-insensitive hashes. I don't think adding some "-c" flags and some "<*" and "<-" commands would make it a lot less readable, so you could want to do that. Also, if you have ":" (no-op), you need to use "l Q" instead of just "l", and ditto for "c" and "u". One thing that is completely unclear to me is your use of "Ct" instead of just "c" - why is that? BTW, with 1.7.4 you can make the ruleset shorter. For example, the following lines: /a lsa@ /e lse3 /l lsl1 /o lso0 /s lss$ may be replaced with: /[aelos] l s\0\p[@310$] > Running JtR version 22.214.171.124 [...] > words: 10495949352 time: 0:01:04:26 100% w/s: 2714K current: 9zzzzzzzthi$ > Running JtR version 1.7.4 [...] > words: 10495945056 time: 0:00:49:48 100% w/s: 3512K current: 9zzzzzzzthi$ > JtR 1.7.4 ran noticeably faster than JtR 126.96.36.199, completing its > session in 76% of the time it took 188.8.131.52 to finish. The one anomaly > was that the 1.7.4 session outputted that it made 10,495,945,056 > guesses, while the 184.108.40.206 session outputted that it made > 10,495,949,352 guesses. The difference in guesses may have just been a > reporting issue, (aka the final count might not be updated), but I'll > leave it to someone more knowledgeable to answer that question. No, it's not just a reporting issue. More like a bug, and I have in fact just found and fixed a relevant bug. Can you please repeat the test of 1.7.4 with the attached patch? Please make no changes to the ruleset for this test yet. We need to make sure the bug is fixed first. Thanks again, Alexander View attachment "john-1.7.4-last-fix.diff" of type "text/plain" (2699 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.