Date: Wed, 13 Feb 2013 18:34:44 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: RAR Cracking with JtR Jumbo (Files found during forensics) On Wed, Feb 13, 2013 at 11:08:57AM +0000, Nicolas Brulez wrote: > I have limited power for cracking password, and I tried "crark". Using my CPU I could only reach 245 c/s and my single GPU reached 1200 c/s. Here are some --test benchmarks for JtR bleeding-jumbo. FX-8120 CPU: Benchmarking: RAR3 SHA-1 AES (4 characters) [32/64]... (8xOMP) DONE Raw: 372 c/s real, 46.5 c/s virtual HD 7970 GPU: Benchmarking: RAR3 SHA-1 AES (6 characters) [OpenCL]... (8xOMP) DONE Raw: 2486 c/s real, 10995 c/s virtual (The "real" c/s is what you care about in either case.) I think actual speed will vary between RAR files, and for different password lengths being tested. Your 1200 c/s is a fine speed - it's roughly what you should expect on one non-high-end GPU. > I have tried several things: Some simple wordlist, brute forcing only lowercase, numbers, low/upp/numb/special and i didn't find anything. You may try using JtR to produce some highly focused candidate password lists - use a tiny common passwords list like JtR's bundled password.lst and RockYou's top N (where N is e.g. 10k), apply some rules on top of that, such as using Simon's work-in-progress optimal ruleset: http://openwall.info/wiki/john/rules#Simon-Marechal-s-ongoing-work-towards-an-optimal-ruleset and pass the result through JtR's "unique" program to eliminate any dupes without re-ordering. You may combine larger input wordlists (e.g. more of RockYou top passwords, up to millions) with smaller rulesets, and vice versa, as long as the total number of candidate passwords stays sane. You may also use JtR's incremental and Markov modes. > I am looking for advices on the best setup to use JtR to crack RAR archives. Maybe using distributed cracking or something. > I extracted the RAR archives from the SFX in order to use rar2john and I am now looking for the smartest way to use JtR. Great. What tool did you use to extract the RAR archives from the SFX? For distributed cracking, do you intend to use your own computers or to get a community involved? You may be able to share the output of rar2john to let the community try cracking the password(s), too. Since this code in JtR keeps evolving, I recommend trying latest unstable-jumbo or bleeding-jumbo (for both rar2john and john) - our git trees. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.