Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Tue, 29 Aug 2006 06:11:01 -0400
From: John <guipenguin@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Using a pre-computed list of alphanumeric strings. (not rainbow tables)

Why would you have to generate that for every salt? When you have a word
list, its just plain text dictionary file, and John uses that.

I guess I overlooked something.....when I was cracking NT hashes with
pre-generated rainbow tables.... I could do it fast and effectively because
the hash could be broken into two 7 char strings, so really you are only
cracking 7 chars at a time....a MUCH smaller list then having a table of all
possible 14char alphanumeric combinations....

Thanks.

On 8/29/06, Simon Marechal <simon@...quise.net> wrote:
>
> John wrote:
>
> > to pre-compute a 'list' of every possible alphanumeric combination
> > untill 14
>
> 14 chars numeric *only* passwords (123, 123456, ...) are quite numerous
> (10^14 :) ). And that's without counting 13 chars, 12 chars, ...
> passwords.
>
> If the hash is 16 bytes long, you end up using 16*10^14 bytes, about
> 1455To. And you would have to generate that for every salt.
>
>
>

Powered by Openwall GNU/*/Linux Powered by OpenVZ Bookmark and Share