Date: Tue, 3 Jan 2012 06:00:58 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Testing longer than 16 character words in crypt-md5 On Mon, Jan 02, 2012 at 06:50:42PM -0700, Stephen John Smoogen wrote: > I see that the MD5-crypt ($1$) implementation in john the ripper maxes > out at 15 characters, but other versions such as what I could figure > out in glibc do not limit to that amount. My initial guess is that the > limitation is due to some sort of speed up used in hashing. Yes, that's the case. > My want is to check to see how many passwords are using an email > address with some minimal changes that John the Rippers rules are > great for. but most of the accounts are over 16 characters in length. > Currently I am looking at using JTR to output the modified and then > doing an awk script to feed that to openssl but that seems slower and > missing some obvious herpderp item I am not seeing. You can simply use --format=crypt to make JtR use the system-provided code. Of course, this will be a lot slower than JtR's optimized code. I suggest that you do this in an OpenMP-enabled build. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.