Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 8 Feb 2011 00:59:40 +0000
From: Brandon Enright <>
Cc:,, Ron <>
Subject: Re: Gawker.chr (was: 1.7.6 with jumbo 11 patch (or
 omp-des-7) 64-Bit Fedora 14 RPM's)

Hash: SHA1

On Tue, 8 Feb 2011 00:33:58 +0300
Solar Designer <> wrote:

> On Sun, Feb 06, 2011 at 12:28:48AM +0000, Brandon Enright wrote:
> > I have been working on cracking Gawkers too.  With the help from
> > others, I have cracked 667073 of 743863 unique hashes (89.67%).  It
> > would be nice to sync up our cracks.  Contact me off list if you're
> > up for doing so.
> This is impressive.

Thanks, I aim to impress ;-)

> Are you going to describe your approach?

Yes, that's the plan.  I have a bad habit of knowing when to stop
cracking and start writing.  It this point I'm mostly just doing
- --incremental cracking so perhaps I can start writing since nothing
interesting is happening anymore.

> Are you going to make the results public?

Yes, that's the plan.

> - at least a .chr file and top N passwords, but preferably all of the
> actual passwords such that new .chr files and the like may be
> generated from them.

Yeah, I want to release good stats.  A .chr file as well as some Markov
mode stats files.

Ron (of and I plan on posting the cracked list at
We're waiting on free time, more cracks, and time for the victims to
have changed their passwords.  We'll also write a blog post providing
much more detail than what is in this email.

The very short version of my approach is that since day-1 I've had
between 24 and 32 cores crunching non-stop.  On the nmap-dev list
Fyodor mentioned that it would be nice to use the Gawkers passwords in
Nmap's password stats and I mentioned that I'm cracking which caused
several people contacted me offering CPU time.  I farmed out some
quite large Markov mode jobs to various people.

I'd say that for more than 2 weeks straight I had various Markov jobs
split up among at least 64 cores.

Between volunteer CPU time and others syncing up their cracks with me
the task hasn't been all that difficult.

I now have a --incremental=rockyou using Minga's .chr file going on 24
cores.  It has been going for 45 days.


Version: GnuPG v2.0.16 (GNU/Linux)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.