Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Sep 2015 19:16:38 -0700
From: Fred Wang <>
Subject: Re: ldr_split_line() performance regression

It occurred to me that you may find this useful for other testing, as well.

The 29m md5 file was obtained in a challenge a few years ago.  Some of the passwords are easy.  Some are quite hard.  I was able to solve them over time, resulting in the 29m.pass file (see below).  I've also included a more recent disclosure of login/passwords in the 10m.pass file.  This file, deliberately, has both \r\n and \n lines terminators in it, which caused some issues early on in my testing (because I, too, was using SIMD instructions for line processing).

These files, plus mdxfind, can be used to generate hashes easily for test purposes.   To generate a sha1 test file:

mdxfind -f /dev/null -z -h ^sha1$ 29m.pass | sed 's/SHA1x01 //' >29msha1.txt

For sha3-512:

mdxfind -f /dev/null -z -h ^sha3-512$ 29m.pass | sed 's/SHA3-512x01 //' >29msha3-512.txt

Of course, the more exotic ones are supported as well, but they probably aren't as useful for John testing.  Naturally, you can use any method to generate the hashes, but mdxfind is pretty quick at this task, too.

This gives you a "standard" way of testing, and a known set of finds which you should get each time.

I hope this is helpful.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.