Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <39849.74.107.165.188.1283385781.squirrel@webmail.tuffmail.net>
Date: Wed, 1 Sep 2010 20:03:01 -0400 (EDT)
From: brad@...ystems.com
To: john-users@...ts.openwall.com
Subject: Re: Noob question: how to feed 10 alphanum char 
     min&max incremental to aircrack when "MaxLen = 10 exceeds the 
     compile-time limit of 8"

> On Wed, Sep 01, 2010 at 06:52:03PM -0400, brad@...ystems.com wrote:

> I think Joshua's point was that I made it so difficult to do simple/dumb
> things (e.g., shoot oneself in the foot, which sometimes even makes
> sense) that coding a separate program would be easier than figuring out
> how to modify params.h to go beyond length 8 with incremental mode or
> how to modify the DumbForce example in john.conf to specify the desired
> lengths range and charset.


Ah yes, not a good fit currently.


> Yeah, it should be possible to do a lot faster than that, although you
> haven't mentioned the number of NTLM hashes being cracked (with a truly
> large number, the hash table lookups and collisions would be taking
> significant time).


Yes, I omitted that. The time (67m6.326s) was on roughly 30,000 NT
(unsalted md4 unicode) hashes from the KoreLogic Defcon contest.

wc -l nt_clean.txt
30820 nt_clean.txt


> owl!solar:~/john/contest/john-1.7.6-jumbo-6/run$ ./john -e=dumbforce
> -fo=nt -u=aabdelhamid ~/john/contest/pw-contest
> Loaded 1 password hash (NT MD4 [128/128 X2 SSE2-16])
> guesses: 0  time: 0:00:00:03  c/s: 14275K  trying: 45816704 - 45816735
> guesses: 0  time: 0:00:00:07  c/s: 14492K  trying: 004654112 - 004654143
> guesses: 0  time: 0:00:06:49  c/s: 14042K  trying: 4632509280 - 4632509311
> guesses: 0  time: 0:00:09:55  c/s: 14017K  trying: 7229499904 - 7229499935
> guesses: 0  time: 0:00:11:31  c/s: 14011K  trying: 8571090624 - 8571090655
> guesses: 0  time: 0:00:12:31  c/s: 14010K  trying: 9411052608 - 9411052639
> guesses: 0  time: 0:00:13:14  c/s: 13993K  trying: 9999999968 - 9999999999


That's one NT hash and SSE2, right? That should be fast.


> For comparison, here's a raw hashing speed benchmark:
>
> owl!solar:~/john/contest/john-1.7.6-jumbo-6/run$ ./john -te -fo=nt
> Benchmarking: NT MD4 [128/128 X2 SSE2-16]... DONE
> Raw:    25493K c/s real, 25493K c/s virtual


SSE again it seems. Good numbers for a CPU based application. I doubt
you'll get much faster than that on a current CPU with that has type.


> This benchmark uses a lower average password length, though, which might
> contribute to the speed difference.
>
> Alexander

Thanks for the numbers,

Brad

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.