Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20110822175805.GA16724@openwall.com>
Date: Mon, 22 Aug 2011 21:58:05 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: password with the sign "#"

On Mon, Aug 22, 2011 at 07:46:24PM +0200, Roland wrote:
> I have my Password in the Wordlist, but it don't work right. How long does it take to crack the whole wordlist?

If you have the password in the wordlist, then it should get cracked
almost instantly.  (We're talking fast hashes here - either LM or NT.)

> If I type ./john dump-file john checks the wordlist?

Not exactly.  This invokes three cracking modes in order, one of which
uses password.lst as its wordlist.  To simply run your wordlist, use:

./john --wordlist=WORDLIST-FILE PWDUMP-FILE

of course, replacing WORDLIST-FILE and PWDUMP-FILE with proper filenames.

To run your wordlist with rules (which may be needed to crack the second
half of the LM hash), use:

./john --wordlist=WORDLIST-FILE --rules PWDUMP-FILE

To crack the NT hash instead (case-sensitive), use:

./john --format=nt --wordlist=WORDLIST-FILE PWDUMP-FILE

(with a -jumbo version of JtR).

It is also possible to crack the NT hash after having cracked the LM hash:

./john --show PWDUMP-FILE | cut -f2 -d: | ./john --format=nt --pipe --rules=nt PWDUMP-FILE

This requires very recent -jumbo for the "--pipe" option, or you may
use an older version with an intermediate file.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.