Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 30 Jul 2010 00:58:23 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Contest Details - "Crack Me If You Can" - DEFCON 2010

On Thu, Jul 29, 2010 at 10:15:49PM +0200, Simon Marechal wrote:
> Le 29/07/2010 21:52, Solar Designer a ?crit :
> > Yes: I've just registered a john-users team for the contest, although at
> > this point I don't yet know if it'll be just me or a team.  I/we will
> > deliberately avoid the use of "competing" tools (besides, the only good
> > ones I'm aware of are closed-source).  Let's see if we can build a team:
> 
> I would be interested in knowning what the good ones are in your
> opinion.

Oh, I guess I worded this too strongly.  I've never used those other
tools, so I can't really claim they're good - but based on what I hear,
compared to other tools out there a few stand out.  Since I don't want
to help other teams with the contest too much, let me just say that
those are the tools that, like JtR, support Crack-like wordlist rules.

BTW, we're at 1000+ subscribed e-mail addresses in here.  I have no idea
how many of those people are actually reading their john-users postings,
but at least none of those addresses are rejecting or bouncing messages
(if an address starts rejecting or bouncing, it gets dropped from the
list automatically).

> I got a licence from EDPR bought from my employer two years ago
> only to find it was garbage : slow, agent only working on windows and
> the oracle cipher crashed the agent. I don't even mention the chore it
> was to import a 10 user shadow file, or the fact that it couldn't do
> anything more sophisticated than bruteforce ...

Ouch.  Just to make your posting more valuable to all, does the above
apply to current versions of EDPR as well?  As to its speed, I guess it
varies by hash type - so perhaps mention what you ran it against?
I know that it's expected to be very slow at Unix crypt(3) hashes, but
it shouldn't be that bad at LM/NTLM.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.