Date: Wed, 13 Jan 2010 18:49:23 +0000 From: Paul Needham <pmaneedham@...mail.com> To: <john-users@...ts.openwall.com> Subject: getting started, unix_crypt hashes I have a few questions for the john-users mailing list in relation to both JtR operation, and function. I imported a set of unix_crypt hashes into JtR, having ran the unshadow command to merge the /etc/passwd and /etc/shadow files. Considering this was the first time I had ran JtR, I was concerned when JtR seemed to just pause/freeze after importing the hashes, almost as if it was expecting an additional command. So I was unsure if the process was working. However, I noticed if I press the "-" key on my keyboard it gives me some feedback on what JtR is doing, as shown below: ******* C:\Documents and Settings\********\Desktop\john-22.214.171.124-win32\run>john etcshadow Loaded 7 password hashes with 7 different salts (Traditional DES [128/128 BS SSE 2]) guesses: 0 time: 0:00:00:09 (3) c/s: 489829 trying: doneh - dorny ******* I was a little unsure as to what the "-" related information is actually telling me, so could anyone confirm my assumptions, and possibly clarify where I am unsure: guesses: 0 - ? time: 0:00:00:09 - I expect this is how long the attempted crack has been running for? (3) - ? c/s: 489829 - ? trying: doneh - dorny - I expect this is the current attempted cracks John is trying against the hash? For anyone who has successfully cracked a password using the tool, when JtR cracks 1 of the password hashes, does it inform the end-user? Or do we need to periodically enter a command to see what has been cracked, and what the tool is still working on. The other thing I wondered, is has JTR been developed so that if it detects the hashes are the traditional unix_crypt, will it keep the crack combinations <=8 characters long, as to my knowledge such passwords cant exceed 8 characters, therefore attempting a 10 character string would be a pointless exercise? Or do I need to tailor the settings to suit possibilities of unix_crypt passwords? If so could you offer any tips? I guess the obvious one would be formulating a word list only consisting of words or phrases of <=8 characters long. Anyway, I am currently working my way through the /docs/ provided with the Windows build I donwloaded, so hopefully all will become clear in there, however anything additional anyone wants to add or confirm would be much appreciated. Thanks _________________________________________________________________ Do you have a story that started on Hotmail? Tell us now http://clk.atdmt.com/UKM/go/195013117/direct/01/
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.