Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 20 Sep 2015 19:07:40 -0400
From: Rich Rumble <>
Subject: Re: best setup to crack format nt or nt2

On Sun, Sep 20, 2015 at 4:35 PM, Patrick Proniewski <> wrote:
> I'm going to dump Active Directory accounts (2008 R2), convert to some kind of GECOS format and launch John on the resulting file.
username:nt_hash_here is a very simple format, but using the usernames
as a dictionary can be beneficial, you should try -single crack mode
first, it should use the username's (and if you put any thing
"artifically" in a GECOS field).
> I've made some tests already: LM hash is unused, the other hash is recognized as nt and nt2. Is there any difference between those too formats? Apparently, I can use either --format=nt or --format=nt2 with same results.
> I would like to run John for 24 hours on a decommissioned blade server, so I got 8 cpu cores, and lots of RAM, no GPU at all. What would be the best way to use most of this hardware? If I'm not mistaken, nt/nt2 can't get OpenMP benefits, so I could have to split the password file into 8 chunks, or use fork, or any other parallelism setup.
NT is "fast", and as of now OpenMP will not be of benefit for this format,
Fork will however will help reduce the work by 8 :)  Have a look at
this cheat sheet for attacks you may want to try:
Or my article here: (needs updating a
bit, fork is fixed now)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.