Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 3 Dec 2011 14:30:15 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: AMD X6 multicore issue

On Sat, Dec 03, 2011 at 11:07:38AM +0200, Caesarmv wrote:
> I'm trying to get 9 character pass (SHA512).

What are you doing this for?  (Your answer may affect what I'd recommend.)

> I'm using 1.7.9 with openMP and default settings.
> Command line: ./john pass.txt

For a slow hash type like this, you won't get very far with incremental
mode, so you may want to focus on trying various password lists,
including with word mangling rules.  You've already tried the included
password.lst with the default set of rules.  You can add to that by also
trying "-w=password.lst --rules=single" (use a larger ruleset) and/or
larger leaked password lists such as those found at:

http://www.skullsecurity.org/wiki/index.php/Passwords
http://dazzlepod.com/disclosure/

You need to start with smaller ones of these lists, sorted for
decreasing number of occurrences of each entry.  On the other hand, even
going over the entire RockYou list, which is about 14 million unique
entries (IIRC), will only take you a few hours (since you only have 2
salts to compute hashes against, IIRC).

You can also try all.lst from:

http://download.openwall.net/pub/wordlists/

Since you're dealing with slow hashes, you may want to eliminate any
duplicate candidate passwords (resulting from application of rules) with
this approach given in doc/EXAMPLES:

./john -w=password.lst --rules=single --stdout | ./unique mangled.lst
./john -w=mangled.lst pass.txt

(and ditto for other source wordlists).

> How much time it can take to decrypt such password?

It depends.  The password might be cracked instantly or it could take
forever, or it could be anything inbetween.  The latter is most likely.
See also "Q: How long should I expect John to run?" in doc/FAQ.

> Are there any restrictions for pass length or I can decrypt pass with any
> length with default john settings?

Incremental mode is limited to lengths up to 8 by default.  Other
cracking modes are not limited in length (for practical purposes).

This means that when you're running in incremental mode, which you are
(pass "3" is it), you definitely won't get your length 9 password
cracked - unless you customize the CHARSET_* settings in params.h,
re-compile, generate a new .chr file, and use that.  My advice, though,
is that you focus on wordlist mode with rules instead.  You're very
unlikely to crack a length 9 password against a slow hash like this with
incremental mode even if you customize the settings.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.