![]() |
|
Message-ID: <20210303110211.GA663@openwall.com> Date: Wed, 3 Mar 2021 12:02:11 +0100 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Splitting mask keyspace On Tue, Mar 02, 2021 at 11:52:25PM +0100, Marek Wrzosek wrote: > You can use tools from PACK (Password Analysis and Cracking Kit) to > generate lists of masks, then distribute masks between your machines. > > https://github.com/iphelix/pack > > You can also use them to analyze your pot files. > > The catch is - the tools are designed for hashcat, you'll need to put in > some work to use then with JtR, but it's not impossible. FWIW, what I've been doing instead of using PACK is reusing JtR's mask mode itself along with "--stdout" to generate the masks. Like this (copy-paste from an e-mail I wrote years ago): --- $ ./john -1=1d -mask='???1???1???1???1???1???1???1???1' -stdo | grep 'd.*d' | wc -l Press 'q' or Ctrl-C to abort, almost any other key for status 256p 0:00:00:00 100.00% (2015-10-23 19:12) 3657p/s ?d?d?d?d?d?d?d?d 247 This outputs 247 masks that satisfy the "at least 2 digits" requirement. To use them, set -1='?l?u' (without digits, as those are tried by other masks). I've then sorted these masks for decreasing number of d's (to test the smaller keyspace masks first), and I am now processing them like this (where "ms" was my list of 247 masks, sorted as I described): n=1; while read m; do echo $m > mask$n; n=$[$n+1]; done < ms and then I can run multiple commands like: for n in `seq 1 247`; do mv -v mask$n{,-w} && m=`cat mask$n-w` && echo "Trying mask $m" && ./john pw-e -form=descrypt-opencl -dev=6 -1='?l?u' -mask=$m -se=$n && mv -v mask$n-w mask$n-d; done for n in `seq 1 247`; do mv -v mask$n{,-w} && m=`cat mask$n-w` && echo "Trying mask $m" && ./john pw-e -form=descrypt -fork=15 -1='?l?u' -mask=$m -se=$n && mv -v mask$n-w mask$n-d; done I am running 5 of these now: for 3 GPUs, and for CPUs (two -fork=15's). This abuse of the filesystem provides pretty efficient poor man's parallel processing. Whichever script instance is first to rename a mask file runs that mask on that script's device. 42 masks are done (out of 247): $ echo mask*-d | wc -w 42 --- Of course, we need to add a multi-mask mode into JtR itself. We have this related GitHub issue, which describes something more elaborate: "Smarter mask mode" https://github.com/openwall/john/issues/4121 Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.