Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 May 2005 20:11:52 +0400
From: Solar Designer <>
Subject: Re: Fastest Crack of known password length


On Tue, May 17, 2005 at 08:51:36AM -0400, James wrote:
> What is the fastest method of cracking a password of known length where the
> password is:
> 1. Linux Shadow file
> 2. DES
> 3. Mostly likely is not word based and includes at least 1 standard keyboard
> character.
> 4. Of a known length or at least do a progressice crack where I try 8, that
> fails then I'll try 9, etc.

You need to realize that the traditional crypt(3) DES-based hashes
truncate passwords longer than 8 characters.  So even if you think
that your password is longer, it really is not.

It should be quick enough to run through a wordlist with mangling
rules for just a single traditional DES-based hash, so you do not need
to apply any length restrictions there.  Just pick a large enough
wordlist (such as the "all.gz" available off and do:

	./john -w=all.lst -rules pwfile

Then proceed with "incremental" mode.  You specify the known length by
setting the MinLen and MaxLen parameters to it.  That's done in a
section such as "[Incremental:All]", which you may copy under a
different name and customize.  Then pass the new name from the command
line, such as:

	./john -i=custom pwfile

Where the custom section is:

File = $JOHN/all.chr
MinLen = 8
MaxLen = 8
CharCount = 95

(the "$JOHN/..." syntax is for a 1.6.x development version).

> I'm running 
> john -users:***** -format:DES pwl

That's fine.  Please be sure to use a recent development version and
build it with support for MMX or AltiVec (if you're on x86 or PPC) for
a significant speedup.

You shouldn't have to specify the "format" explicitly, although your
doing so doesn't hurt.

> Right now on one PC and 
> john -users:***** -format:DES -i:ALL pwl
> On another.

This doesn't make sense.  You have both PCs do the same thing.

> I've edited the ini to sent all min. lengths to 8 but does that
> do what I think? 

Yes, perhaps (depending on what you think it does, of course).

Why are you running John against a single password hash, though?
Maybe it'd be simpler to reset the password?

Alexander Peslyak <solar at>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598 - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.