Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 1 May 2018 14:53:10 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: got DaveGrohl and JtR working, need to focus the attack

On Mon, Apr 30, 2018 at 10:41:07PM -0700, Eric Oyen wrote:
> btw, can I use the macports version of JTR on high sierra to work on this? they have the jumbo version available there as well. (yes, I finally got my new mac mini up and working).

Probably yes, but you could prefer one of our community's recent builds:

http://download.openwall.net/pub/projects/john/contrib/macosx/

I don't know what version macports has nor how it's been built.

> The n7zzt account on my machine is proving far more difficult to crack. I have ruled out 5 character passwords, working on 6 now (due to be done in 7 days and will try on 7 for the length (which, if I have to use any of the special characters might well require several years brute forcing). In fact, if my calculations are correct, that operation will take no less than 590 days, 22 hours and a handful of minutes.

You'll need to focus these attacks or/and use incremental mode (which
orders the candidate passwords from most to least likely).  You can
probably also speed things up - e.g., are you currently using --fork
(requires JtR 1.8+)?

> btw, I do know that the n7zzt password is likely 8 or 13 characters long, contains several numbers as well as 1 symbol "!" and the letters (possibly) such as H, m, r,d,n,L,z,t (and any of their capitalized variants). 

You can use options like this:

-9='hmrdnlztHMRDNLZT?d!' --mask='?9?9?9?9?9?9?9?9'

You can optimize it further if you know what characters are possible in
what position, e.g. if the exclamation mark is definitely at the end:

-9='hmrdnlztHMRDNLZT?d' --mask='?9?9?9?9?9?9?9!'

if only the first letter is uppercase:

-9='hmrdnlzt?d' --mask='[HMRDNLZT]?9?9?9?9?9?9!'

and so on.

> I may have to use another program called crunch

No, you don't need Crunch.  JtR has all of the functionality built-in.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.