Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 13 Jun 2013 08:36:34 +0200
From: magnum <>
Subject: Re: Running Markov for a pre-determined amount of time

On 13 Jun, 2013, at 1:33 , Solar Designer <> wrote:
> On Fri, May 31, 2013 at 12:39:32AM +0200, magnum wrote:
>> While updating doc/MARKOV I realized the new status figures emitted by John 1.8 makes it a lot easier to correctly choose a certain run time (which is perfect for cracking contests or pen-tests). Here's the updated section of that file:
> [...]
> Thank you!  I've added this posting to:
> ... and this reminds me: I'd appreciate help maintaining that wiki page
> (mostly identifying and adding new postings that are worth it).

It was updated again - here is the current version (I'll update the wiki page).


The "LEVEL" parameter should be selected based on the desired maximum running
time. In order to select the appropriate LEVEL, the following steps should be

1/ Run the -single and -wordlist modes of john, as they will find many passwords
for a low price. Perhaps also -inc with a low -max-len that ends in minutes.

2/ Run john for at least 10 seconds (the longer, the more correct measurement)
on the file, for example using the -max-run-time=SECONDS option. For example:
user@...t:run$ ./john -markov -max-run=10 hashfile
Loaded 128 password hashes with no different salts (nt, NT MD4 [128/128 X2 SSE2-16])
Press 'q' or Ctrl-C to abort, almost any other key for status
MKV start (stats=$JOHN/stats, lvl=200 len=12 pwd=259356431)
0g 0:00:00:10 DONE (2013-05-30 23:37) 0g/s 24914Kp/s 24914Kc/s 3319MC/s }svi..}
Session completed
This means that john can test 24.9M passwords / second (24914Kp/s) when
attacking this very file. Since John version 1.8, this figure can be used
directly, salts and dupes or not (earlier versions only showed what is now
output as 3319MC/s and that is harder to use).

3/ Evaluate the quantity of passwords that could be tried during the targeted
time. Using the previous example, a targeted cracking time of 3 hours will lead
to a quantity of 269 G passwords (24914000*3600*3) to test.

4/ Use the genmkvpwd command to find the corresponding level. Using the
previous example, with a maximum password length of 12:
user@...t:run$ ./genmkvpwd stats 0 12
lvl=267 (6968 KB for nbparts) 238 G possible passwords (238763065366)
lvl=268 (6994 KB for nbparts) 264 G possible passwords (264314506579)
lvl=269 (7020 KB for nbparts) 292 G possible passwords (292593173165)
Here, the selected level will be 268 (the highest level where the number of
possible passwords is less than our targeted 269 G).

5/ Run john:
user@...t:run$ ./john -markov:268 -max-len:12 hashfile

The START and END parameter could be used to distribute work among many CPUs.
The old method is to evaluate the combined cracking speed of all CPUs
(adding the step 2 result for every CPUs available) and follow the previous
method. At step 5, share the cracking space among all CPUs, where each share is
proportional with the CPU's cracking speed. When using the new -node or -fork
options (or MPI), this will happen automatically (well, not the adjustment for
heterogenous speeds, but an even split).

For example:
./john -markov -node=3/4      will split the space in four parts and pick the
                              third fourth for this session.
./john -markov -fork=8        will split the space in eight parts and run one
                              process for each. MPI works the same but can
                              launch the job on remote hosts.



Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.