Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <CE4A2EA1-8615-4DCC-BCA5-0C7B1CD8A44D@thireus.com>
Date: Tue, 11 Sep 2012 02:29:46 +0200
From: Thireus (thireus.com) <contact@...reus.com>
To: magnum <john.magnum@...hmail.com>
Cc: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: MPI with incremental mode working fine?

Indeed, I know about the 10 minutes and unsaved sessions. But the problem is that duplicates show up at anytime, even after 24 hours cracking there are still duplicates. And what is strange is that there's no more than 1 duplicate... and I suppose using a lower timeout to save sessions will not help :-/ because it will just hide the problem which is that at least two threads out of 8 are just hashing the same generated passwords.

Do you know exactly how the password space is divided for all threads? I would like to know either if this distribution is made when the session is restored (once and for all) or if it is done once one of the thread has completed his work (redistributed). I mean is there a buffer of a big amount of passwords divided in 8 parts and each process takes one part or if there are in fact 8 buffers (fifo) filled by john ?

Thireus (contact@...reus.com), 
IT Security and Telecommunication Engineering Student at ENSEIRB-MATMECA & Master 2 CSI University of Bordeaux 1 (Bordeaux, France).
http://blog.thireus.com

Le 11 sept. 2012 à 01:58, magnum <john.magnum@...hmail.com> a écrit :

> On 2012-09-11 01:12, Thireus (thireus.com) wrote:
>> I did what you suggested, I have generated 1500 passwords (I'm
>> running MacOS, it seems 1500 is the limit when using your command :-/
>> it hangs somewhere in the perl script I guess...).
> 
> Sorry, I forgot that. It defaults to a 1500 limit unless you give eg.
> --count=10000. I think we should change it to emit a warning to stderr
> when this happens.
> 
>> So as you can see MPI is running well here. Now I still don't
>> understand why do I have duplicates (twice generated passwords) when
>> restoring my old session :-/
> 
> Ah, restoring. Now I get it. I am willing to bet this is the "problem",
> although it is not much of a problem once you know what happens: Your
> session files are only updated every 10 minutes unless you lower the
> default. This means after resuming a session, you never lose cracks or
> candidates, *but* you may get up to 10 minutes worth of (harmless)
> duplicates (in other words, the "unsaved minutes" will happen again). Do
> you think this could be it? You can set "Save = " in john.conf as low as
> 1 second for testing, although I recommend you normally use a bit higher.
> 
> I normally run with Save = 60 and I also use to do "pkill -USR1 mpiexec"
> just before aborting a session.
> 
> magnum
> 


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.