Date: Tue, 10 Jan 2012 12:25:33 -0500 From: Chuck Kahn <chuck.kahn@...t-in-toronto.on.ca> To: john-users@...ts.openwall.com Subject: Re: official JtR or jumbo for RAR? After running john (setting MaxLen and MinLen to 2 to keep the test short) on the rardump file /usr/local/Cellar/john/john-1.7.9-jumbo-5/run/john --format=rar > --incremental:Digits2 rardump comes the repeated message: RAR -p mode support is not complete yet! > RAR -p mode support is not complete yet! > RAR -p mode support is not complete yet! > Followed by the result: > guesses: 0 time: 0:00:00:02 DONE (Tue Jan 10 12:15:30 2012) c/s: 40.81 > trying: 87 It doesn't look like it matched the password "11". If "RAR -p mode support" refers to incomplete support of the "p" (password) switch of the RAR command, does that mean jumbo can't crack RAR passwords? On Tue, Jan 10, 2012 at 3:37 AM, Dhiru Kholia <dhiru.kholia@...il.com>wrote: > On Tue, Jan 10, 2012 at 11:36 AM, Chuck Kahn > <chuck.kahn@...t-in-toronto.on.ca> wrote: > > Which will work faster at cracking RAR passwords -- the official JtR or > > jumbo? > > Official JtR doesn't have support for cracking RAR files in-built. > > > $ /usr/local/Cellar/john/john-1.7.9-jumbo-5/run/john --format=rar > >> --incremental:all testabc.rar > >> No password hashes loaded (see FAQ) > > The FAQ doesn't provide detail on how to use "--format=rar" for jumbo > JtR. > > How do I proceed with jumbo and RAR? > > If you are using jumbo then first run rar2john tool on your RAR files > rar2john testabc.rar > rardump > > Then run john on the generated rardump file. > > john --format=rar rardump > > Using jumbo should be faster than your shell script. However cracking > RAR files is extremely slow in general. > > -- > Cheers, > Dhiru >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.