Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20130113012908.GA9961@openwall.com>
Date: Sun, 13 Jan 2013 05:29:08 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking md5 salted password

On Sat, Jan 12, 2013 at 11:37:54PM +0000, fevere alleee wrote:
> Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x])
[...]
> guesses: 0  time: 7:18:20:36 0.00% (3)  c/s: 87711  trying: lg976r17 -
> lg976rk7

OK, this is sane speed for a quad-core CPU.  It's just about 15% slower
than what I'd expect for a Q6600, but maybe there was some other load.

> OS is centos 6.3 and how to check if GPU is there ?

If you have to ask, it means there's no decent GPU in there. ;-)

> Out of curosity, how long will it take to brute force password ( less that
> 15 chara ) with special characters ?

The words "brute force" can mean so many different things that to me
they're meaningless, which is why the official John the Ripper
documentation does not use them (-jumbo isn't as clean, though).

That said, the short answer is: it can take practically forever.

What you may do is try additional wordlists:

http://www.openwall.com/passwords/wordlists/#links

In particular, try rockyou.txt.bz2 available from the SkullSecurity wiki
(somehow it's down at the moment, but it should be back up soon).

You may also try more and bigger wordlist rulesets, such as
"--rules=jumbo" and additional rulesets downloadable here:

http://openwall.info/wiki/john/rules

Why do you need to be cracking this specific password, though?  Why not
just reset it?

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.