Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 30 Aug 2005 21:02:35 +0200
From: "Frank Dittrich" <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Re: trivial parallel processing (4 CPUs)

Stephen Cartwright wrote:
>Breaking the password file apart randomly causes duplicate salts
>to be used across the password files, but what if you broke the
>password file apart based upon salt?

That's certainly a better alternative.
You could even collect the most frequently used salts of uncracked
passwords (after running single crack mode and simple password rules)
into a separate password file.
Since the number of different salts is smaller, you'll be able to
test a larger part of the search space on these hashes.

>Then for every salt, there would only be 1 set of passwords still.

Right, except for a few somewhat broken password algorithms,
see comments regarding bigcrypt.

>Another thing I am wondering about is how does John crack partial 
>passwords?
>Many passwords have just two or three characters cracked.

That's caused by the way bigcrypt works.
Instead of restrictinc the significant password length to 8
characters, bigcrypt calculates a hash using "Traditional DES" and a
2 character hash. If the password is longer than 8 characters, the
remaining characters of the password (starting from offset 8) are
encrypted separately (again using "Traditional DES", the salt,
however, is composed of the first 2 characters of the hash computed
from the first part of the password).

That's why, the bigcrypt hash QpwuMaH29uXKkXXs6n5D01vg
(from your previous mail) can be split into 2 DES hashes
QpwuMaH29uXKk
is the hash for the first part of your password (8 characters)
wuXXs6n5D01vg
is the hash of the second part of your password (2 characters, which
we know because the  "password" of length 2 has been easily cracked.



>However I thought that with a hash, the output varies widely
>depending on the input.

For bigcrypt, you have 2 separate hashes which can be cracked
individually.


That also means, you shouldn't just split all your bigcrypt hashes
into individual password files.
Instead, you could split each bigcrypt hash into 2 DES hashes
after trying single crack mode on the bigcrypt password file.


$ cut --fields=2 --delimiter=":" pw_bigcrypt | cut --bytes=1-13 \
>| grep -n "." >> bigcrypt.part1

$ cut --fields=2 --delimiter=":" pw_bigcrypt | cut --bytes=3-4,14- \
>| grep -n "." >> bigcrypt.part2

Splitting the part 1 and 2 does only make sense because it's much
more likely that shorter "passwords" will have been used here and
that part 1 of the passwords could more likely be cracked using
wordlists and --rules.

For incremental mode, you should combine these and then split
based on the DES hash.

For john --show, it doesn't matter whether you use pw_bigcrypt
(john will try to compose the complete passwords from the parts
which have beeen cracked) or bigcrypt.part1/2 (john will report
dummy user names (the line numbers from "grep -n") - the same
applies for cracked passwords (command line and log file)).


Regards,
Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.