Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20071113031711.GA29385@openwall.com>
Date: Tue, 13 Nov 2007 06:17:11 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Incremental mode log format

On Sun, Nov 11, 2007 at 03:36:35PM +0100, WhisperingStorm wrote:
> <time> - Switching to length X
> <time> - Expanding tables for length X to character count Y
> <time> - Trying length X, fixed @Z, character count Y
> 
> I think I understand X and Y - the cracker is trying passwords X
> characters long and it's using a charset of Y characters.

More precisely, it's using a charset of Y different character indices.
The number of different characters can be higher than that because
different sets of characters turn out to be most probable for the first
Y indices for different positions, as well as for different preceding
characters.

> However, I don't get what "fixed @Z" means.

Whenever JtR tries passwords with a given number of different character
indices, it needs to avoid trying passwords that would also be available
with a smaller number of different character indices.  (Otherwise, it
would be trying the same candidate passwords more than once.)  This is
achieved by keeping one of the character indices (in character position
reported as "fixed @Z" in your log sample above) fixed at its highest
value (that is, at "Y" minus 1 since the indices are zero-based).  This
needs to be repeated for all positions up to the corresponding length.

BTW, the order in which JtR tries different {length, fixed, count}
combinations may seem weird.  It is based on statistical information
encoded in .chr files.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.