Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 10 Mar 2010 21:50:22 +0100
From: Lee Hambley <>
Subject: Re: auditing passwords of remote Linux servers

Actually, My posts are simply to acknowledge your work, as an open-source
maintainer myself, I know that positive feedback can be difficult to come
by. My interest in password cracking falls outside my daily work. My main
take from the work being done in the John community is the very scientific
approach to analysis and performance, and my own personal learning more
about this area. I find it interesting to learn about how the various
dictionaries can be applied, and the pros and cons of various methods of

Also interesting that I've never had a successful run of John (I'm a Mac
user, and I did compile from source, and I suck at C) There's every chance I
was doing it wrong, attempting incremental mode on my own shadow password
file (naturally I took steps to ensure all was in the proper format.)
Everything written on the list, and on the wiki helps. I should really try
again to approach the crack!

In this instance, the use of Perl for unshadow replacement was interesting;
as well as some really handy snippets for bash and general tricks of the
trade. As a real beginner in this field, terms such as the "Jumbo patch" are
a little intimidating.

I think I asked previously, but something about identifying different types
of hash would have been really useful. Although, I understand such things
aren't possible.

As one open-source guy to another, you're doing a great job on the community
- it's great to see such a thorough presence on the mailing list.


-- Lee

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.