Date: Tue, 15 Nov 2016 17:41:45 -0500 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: restore jtr with more forks On Tue, Nov 15, 2016 at 4:20 PM, Matlink <matlink@...link.fr> wrote: > Okay thank you for your detailed answer. > > Now, I wonder why john is still retrying every password contained in the > POT file. > > For example if after 24h my POT file contains 50 million of guessed > passwords, john is wasting a lot of time right? > It's not retying the cracked ones when you use the same POT file. It is doing all the same work, minus the 50Mil hashes it's cracked. You'll notice when John loads it says how many are left to crack and how many it has cracked, it is only going after the ones that are left. But until the new threads you created pass the same "place" as the smaller thread run, all the same work is basically being repeated until that point. You've moved to the 3/3 (incremental), so john is doing a smart brute force, looking for more likely character combinations, rather than simply aaaa, aaab, aaac, aaad etc.. If your progress has stalled, there are plenty of other rules and methods you can use. http://openwall.info/wiki/john/tutorials I have some tips in one of my tutorials: https://xinn.org/blog/JtR-AD-Password-Auditing.html You can run other threads and use the same POT file btw. If you have 16 processors, run 4 different attacks, and if you don't specify a POT file, the default john.pot will be used, and all 4 attacks each using 4 (--fork=4) threads will all write to the POT file. This can lead to duplicates, as the only frame of reference each of those attacks has is when they start, they do not reload the pot file, so it's possible to get duplicates in the POT file. I believe John uniq's them when doing a --show so I think it will count them "correctly". -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.