Date: Mon, 27 Jun 2011 13:20:29 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: brute force attack of an Unix crypt Martin, Bartavelle - On 27/06/2011 01:06, Martin T wrote: > [Incremental:All8] > File = /usr/share/john/all.chr > MinLen = 8 > MaxLen = 8 > CharCount = 95 > > I remember that I really used letters, numbers and special > characters(8 characters in total) In my experience, people very often remember such things incorrectly. Since trying lengths 1 through 7 is relatively cheap, I suggest that you don't exclude those... or since you already did, now start a second instance of John with MinLen = 1 and MaxLen = 7. > guesses: 0 time: 141:18:48:12 c/s: 929072 trying: 2kageA3z - 2kageACs You appear to be using a highly non-optimal build of John. Perhaps you used the linux-x86-any or generic make target instead of -64 or -sse2? I suggest that you make a build of 1.7.8-omp-des-7 (with that patch), using the proper make target for your machine. This should improve the speed by a factor of 10 (to approx. 10 million c/s). After having tested that with "john --test", interrupt your old session and --restore it with the new version/build. The reported speed will be increasing slowly because all-time average is reported. > How much longer it might take to decrypt this Unix crypt? It might take years, but most passwords get cracked pretty quickly. On Mon, Jun 27, 2011 at 10:47:35AM +0200, Bartavelle wrote: > However, -inc doesn't test all passwords Huh? Actually, it does - just in a smart order. So it must crack that password within those 226 years, assuming that the password is in fact length 8 and does not include control characters (ASCII codes below 32 decimal, or code 127). Switching to a proper build of John improves this worst-case estimate to around 21 years. Moving to a Sandy Bridge CPU (and an AVX build of John) improves this further to 11 years. Using 11 such CPUs improves it to 1 year. In practice almost all passwords are cracked much sooner, specifically due to incremental mode's smart order of tries. Chances are that Martin's password would already be cracked with a proper build of John. Martin - you mention you "generated" the password. Did you do it with a certain program, and which one (and with what specific settings)? If so, the proper attack would be to exploit that program's weaknesses. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.