Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 5 May 2017 15:08:52 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Max characters for password candidates (NTLM) and others

On Thu, May 04, 2017 at 11:56:38PM +0200, magnum wrote:
> On 2017-05-04 23:44, Frank Dittrich wrote:
> > So, it would be possible to drop that limit (or change the limit from
> > currently 27 characters to, say, 54 characters).
> Sure. We could support any length but it'd be slower. Actually, for a 
> non-SIMD build (eg. non-Intel using OpenSSL) I think our limit is 125 
> bytes (which is the hard deck no-matter-what, set by legacy core code) 
> and that'd be just 41 characters worst case (that is, every one of them 
> take three bytes to represent in UTF-8).

So maybe we can recommend Rob to make and use a non-SIMD build of JtR
for such special cases for now?  I guess this would also help him with
"also having the same issue with Kerberos TGS hashes with known
passwords" (quoting from the GitHub issue).

I think this amounts to:

make distclean
./configure --disable-native-tests CFLAGS='-O2 -mno-sse2 -mno-mmx -U__SSE__'

Yes, that's a bit tricky, and IIRC the last -U__SSE__ is a workaround
for glibc headers.

> > But trying password candidates that are longer than 27 characters would
> > reduce the cracking speed to about half the speed of the current
> > implementation.
> Actually we could implement some kind of branching and support 
> 27/54/81/108/125 bytes, no problem. And we could re-write John's core 
> and support more than 125 bytes. But with fast hashes like NT the 
> branching would be a significant regression. It would hurt real-world 
> cracking: No-one has a password of 27 characters, let alone longer.

I think Rob actually has a real-world use case for this.  I don't know
what it is.  Maybe not for NT specifically, but for other hash types
exhibiting similar length limits now.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.