Date: Mon, 27 Jun 2011 13:20:29 +0400
From: Solar Designer <>
Subject: Re: brute force attack of an Unix crypt

Martin, Bartavelle -

On 27/06/2011 01:06, Martin T wrote:
> [Incremental:All8]
> File = /usr/share/john/all.chr
> MinLen = 8
> MaxLen = 8
> CharCount = 95
> I remember that I really used letters, numbers and special
> characters (8 characters in total)

In my experience, people very often remember such things incorrectly.
Since trying lengths 1 through 7 is relatively cheap, I suggest that you
don't exclude those... or since you already did, now start a second
instance of John with MinLen = 1 and MaxLen = 7.

> guesses: 0  time: 141:18:48:12  c/s: 929072  trying: 2kageA3z - 2kageACs

You appear to be using a highly non-optimal build of John.  Perhaps you
used the linux-x86-any or generic make target instead of -64 or -sse2?

I suggest that you make a build of 1.7.8-omp-des-7 (with that patch),
using the proper make target for your machine.  This should improve the
speed by a factor of 10 (to approx. 10 million c/s).  After having
tested that with "john --test", interrupt your old session and --restore
it with the new version/build.  The reported speed will be increasing
slowly because all-time average is reported.

> How much longer it might take to decrypt this Unix crypt?

It might take years, but most passwords get cracked pretty quickly.

On Mon, Jun 27, 2011 at 10:47:35AM +0200, Bartavelle wrote:
> However, -inc doesn't test all passwords

Huh?  Actually, it does - just in a smart order.  So it must crack that
password within those 226 years, assuming that the password is in fact
length 8 and does not include control characters (ASCII codes below 32
decimal, or code 127).  Switching to a proper build of John improves
this worst-case estimate to around 21 years.  Moving to a Sandy Bridge
CPU (and an AVX build of John) improves this further to 11 years.  Using
11 such CPUs improves it to 1 year.

In practice almost all passwords are cracked much sooner, specifically
due to incremental mode's smart order of tries.  Chances are that
Martin's password would already be cracked with a proper build of John.

Martin - you mention you "generated" the password.  Did you do it with a
certain program, and which one (and with what specific settings)?  If
so, the proper attack would be to exploit that program's weaknesses.

