Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <6d50f98e0603090429q674a538eka720dfc29d785b36@mail.gmail.com>
Date: Thu, 9 Mar 2006 13:29:30 +0100
From: Turko <granturko@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: checking only first 5 characters of a md5 hash

Maybe I didn't explained in a good way (sorry for my english) :
the first 5 chars are not of the password, but they are the first 5 of the
md5 HASH.

So I know 5 first characters of the HASH for example "abc123xxxxxxxxxxx" ) ,
using John can I find all the passwords that have their encryption starting
with "abc123" ? Is this way faster then crack the entire HASH right? (abc123
can correspond to first part of many different hashes -> many possible
passwords -> the first I find is good) .

Is correct the idea? Becouse I don't know how the md5 algorithm works
exactly....

.Thanks.

On 3/9/06, rembrandt@...erlin.de <rembrandt@...erlin.de> wrote:
>
> > How can I tell John to get the substring of the hash and checking only
> its
> > 5
> > chars?
> >
> > .Thanks.
>
> As far as I know you can`t because for this john would have to know the
> keyspace to know where to start and where to end.
>
> Maybe I`m wrong but such a function is not implemented (as far as I know)
> but reducing the keyspace by using parts of the key you know or even the
> start of the plaintext-password is maybe a neat function... :-)
>
> E.g. if you just saw that xyz entered "At526" at the beginning of the
> passwords. Not that we spy passwords.. it`s more to speed up cracking
> passwords of users who left. :-))
>
> Kind regards,
> Rembrandt
>
>
> --
> To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
> to the automated confirmation request that will be sent to you.
>
>


--
L'imbecille cade sulla schiena e si sbuccia il naso. (Proverbio Yiddish).
Non esistono donne brutte. Dipende solo da quanta vodka bevi (Proverbio
russo).

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.