Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 21 Nov 2012 10:29:11 -0600
From: Richard Miles <richard.k.miles@...glemail.com>
To: john-users@...ts.openwall.com
Subject: Re: Can I use the same .pot file for multiple cracking
 sessions without overwrite or erase data?

Thanks Rich and Stephen for clarification, very appreciated. :)

On Mon, Nov 19, 2012 at 6:47 PM, Stephen John Smoogen <smooge@...il.com>wrote:

> On 19 November 2012 17:13, Rich Rumble <richrumble@...il.com> wrote:
> > On Mon, Nov 19, 2012 at 5:45 PM, Stephen John Smoogen <smooge@...il.com>
> wrote:
> >> They do not overwrite each other.. but if your two processes find the
> >> same password.. you will end up with duplicates in the pot file.
> > To clarify, if you have the same hash/password there won't be a
> > duplicate in the POT.
> > That is to say if MD5 hash and an MD4 hash that have the same
> > password, the hashes are different, but the passwords are the same, it
> > will contain a "duplicate" password, but for two different hashes. If
> > you have a salted hash, and the same password gets cracked(2 or more
> > times), the hash type is the same, but the salt is different, which
> > will lead to a different hash+salt combination.
> > (md5)5F4DCC3B5AA765D61D8327DEB882CF99:password
> > (md4)8A9D093F14F8701DF17732B2BB182C74:password
> >
> > You should not get
> > (md5)5F4DCC3B5AA765D61D8327DEB882CF99:password
> > (md5)5F4DCC3B5AA765D61D8327DEB882CF99:password
> > in the same pot file as far as I know... it should be "normalized" in
> > that regard, no matter how many times you write to the pot.
> > -rich
>
> Actually you can do so in the way he is talking about having 2 john's
> running at the same time on the same set of hashes. Let us say that
> you have a fast hash that won't take advantage of multiple cores.. so
> you decide to run
>
> john --session=A --pot=raw-sha1.pot --format=raw-sha1 hashes.sort
> --rules:jumbo --wordlist=/usr/share/dict/words
> john --session=B --pot=raw-sha1.pot --format=raw-sha1 hashes.sort
> --rules:korelogicrules --wordlist=/usr/share/dict/words
>
> I believe john (at least til 1.7.6-jumbo-6 )only checks the pot file
> when you start or restore the session so if both sets of rules were to
> find the password hash
>
> $dynamic_26$8e32f8b89684079780702b613828b97e04e4db7e:Abbotsford
>
> it does seem to get written to the file both times.
>
> --
> Stephen J Smoogen.
> "Don't derail a useful feature for the 99% because you're not in it."
> Linus Torvalds
> "Years ago my mother used to say to me,... Elwood, you must be oh
> so smart or oh so pleasant. Well, for years I was smart. I
> recommend pleasant. You may quote me."  —James Stewart as Elwood P. Dowd
>

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.