Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 25 Jan 2024 09:20:57 -0500
From: Stephen John Smoogen <smooge@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: DES passwords not cracked within hours

On Thu, 25 Jan 2024 at 09:13, Matthias Apitz <guru@...xarea.de> wrote:

> El día miércoles, enero 24, 2024 a las 04:55:16 +0100, Solar Designer
> escribió:
>
> > On Wed, Jan 24, 2024 at 02:14:16PM +0100, Matthias Apitz wrote:
> > > Now I have another use case and using the same installation 'john' is
> > > unwilling to crack a single line password file in hours:
> >
> > This happens.  Not every password is easily crackable.
> >
> > > What I do wrong?
> >
> > Not exactly wrong, but there are a few things you can do to improve your
> > chances and speed this up:
> >
>
> Thanks for your comments and hints.
>
> As I said, I used the same installation tree as in October 2022. At this
> time I could crack a password in ~20 minutes as the files proof:
>
> ~/guru/john-1.9.0-jumbo-1/run> ls -ltr --full-time john.pot /tmp/pins.des
> -rw-r--r-- 1 sisis sisis 104 2022-10-13 13:25:49.403363915 +0200
> /tmp/pins.des
> -rw------- 1 sisis sisis  21 2022-10-13 13:44:58.261868507 +0200 john.pot
> ~/guru/john-1.9.0-jumbo-1/run> cat john.pot
> aAwfYXwckrtz6:010473
>
> The actual DES hash has the same length and the clear PIN only consists
> of 6 chars: one small letter, 4 digits and the #-symbol. And it's still
> running and after ~17 hours w/o any result.
>
>
So if this was done on the same hardware, it just means that those earlier
passwords were closer to ones that various John incremental is built from
and this one isn't. Incremental is going to run up and down the various
guess lengths of most common password patterns which may not be close to
what your password has in it. [aka 8 letters and 7 letters combinations
will be be tested as long as 6 letter combinations in order to cover the
space.] If you know the pattern is
'[a-z0-9#][a-z0-9#][a-z0-9#][a-z0-9#][a-z0-9#][a-z0-9#]' then you can use
that and get a faster fix. If you know the exact pattern is
'[a-z][0-9][0-9][0-9][0-9][0-9][!@...^&*]' or something like that, you can
search that space with a specific rule or possibly command line argument.



>         matthias
> --
> Matthias Apitz, ✉ guru@...xarea.de, http://www.unixarea.de/
> +49-176-38902045
> Public GnuPG key: http://www.unixarea.de/key.pub
>
> I am not at war with Russia.  Я не воюю с Россией.
> Ich bin nicht im Krieg mit Russland.
>


-- 
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard battle.
-- Ian MacClaren

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.