Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 4 Nov 2016 15:15:45 +0100
From: matlink <matlink@...link.fr>
To: john-users@...ts.openwall.com
Subject: Re: John does not fork as many times as I want

Hi,


Le 04/11/2016 à 15:02, Solar Designer a écrit :
> Hi,
>
> On Fri, Nov 04, 2016 at 02:34:49PM +0100, matlink wrote:
>> I'm using john-1.8.0-jumbo-1 to crack Linkedin password on a
>> 64-core/512GB ram server.
>> I want john to fork many times, I'm then using the following command:
>>
>> |$ john --fork=40 --format=Raw-SHA1-Linkedin
>> ../UNZIPPED/linkedin/passwords.txt > linkedin.log|
>>
>> After approx 5 minutes, john starts to fork and outputs:
>>
>> |Node numbers 1-40 of 40 (fork)|
>>
>> Even after waiting dozens of minutes, process monitoring only display 4
>> john forks:
>>
>> |$ ps -ef | grep john | wc -l|
>> |5|
>>
>> Is that an expected behavior or I am missing something?
> This is not expected behavior, and IIRC that version correctly forked 32
> processes for me (as requested), and similar versions even worked with
> 240 processes on Xeon Phi.  And prior to the 1.8.0 release, I stress-tested
> the "--fork" feature with 1000 processes on an 8-core.  That was with
> smaller password hash files, though.
>
> Now 1.8.0-jumbo-1 is 2 years old, so please re-test with bleeding-jumbo.
I'm using bleeding version now.
>
> Also, while using bleeding-jumbo (as we won't care about issues specific
> to 1.8.0-jumbo-1 at this point), please test with "--format=Raw-SHA1" in
> place of your "--format=Raw-SHA1-Linkedin".  This other format won't
> crack LinkedIn hashes that circulated IIRC in 2012 (is this what you're
> targeting?), but it will help us pinpoint the issue if it's still
> present in bleeding-jumbo.
I tried with the Raw-SHA1 format, and the issue is still here. I tried
to fork 30 times, but after 20 forks john tells me that it cannot
allocate memory. Again about 200GB memory were free.
>
> Oh, and in case you're actually targeting the much larger LinkedIn dump
> from 2012 that started circulating only this year (2016), then the simple
> "--format=Raw-SHA1" format should in fact be right for it (from what I
> heard about it).  The "-linkedin" format is only for the old 2012 file.
I'm targeting the large linkedin dump that has about 250 million lines.
>
> Alexander

-- 
Matlink - Sysadmin matlink.fr
Sortez couverts, chiffrez vos mails : https://café-vie-privée.fr/
XMPP/Jabber : matlink@...link.fr
Clé publique PGP : 0x186BB3CA
Empreinte Off-the-record : 572174BF 6983EA74 91417CA7 705ED899 DE9D05B2

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.