Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 7 Apr 2006 02:22:04 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: new at this cracker business

Jay,

I wrote:
> >Have you been able to crack some of your passwords ...

On Thu, Apr 06, 2006 at 12:11:13PM +0000, jay rubin wrote:
> So far 6 out of 7.

Based on the numbers of hashes you had mentioned before, those are most
likely password halves, not necessarily full passwords.  To get the
halves combined, use:

	john --show SAM.txt

This will give the complete cracked passwords for your LM hashes.

> >I have no idea what you're referring to with "hash rules".
> 
> One of the option parameters for running john was rules.  I thought that 
> these rules were possible hashing algorithms or possible password formats. 
> Or as I said hash rules.

No, those are more correctly referred to as word mangling rules.  It's a
mechanism John uses to alter input "words" it reads from a wordlist to
form candidate passwords, e.g. by appending digits to dictionary words,
etc.  This is one of several approaches John uses for generating
candidate passwords to try.  In your case, it is not the primary one,

> I want to do some timing on how long it takes john to crack various 
> passwords.  I thought I would do this by changing my password and rerunning 
> john.

Yes, you can do that.

> But I don't need to rerun john against all the passwords.  It looked 
> like it was possible to run john against a specific user but that format 
> was a little unclear to me.

You can use the --users=USERNAME command line option to John, but for LM
hashes it doesn't matter much since the processing cost of cracking 1 or
10 hashes simultaneously is almost the same.  Also, when you rerun John,
it won't load hashes you already have cracked.

P.S. Thank you for your explanations on what has sent you in the wrong
direction.  Unfortunately, I don't see a lot which can be done to make
it easier for new users of John to learn how to do things in the most
straightforward way.  As I have mentioned, the documentation is generic
for all platforms and possible uses of John.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.