Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAN3PJWggDXB+4TqynVkTku+PMDT68SJc=ZGN1zcMrwA65f0dUg@mail.gmail.com>
Date: Wed, 6 May 2015 00:43:46 -0400
From: Yulong <yyl.dev@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Question on showing number of guesses tried

One thing I just noted is, the number is same for two different cracked
passwords:

0:00:00:00 + Cracked ? as candidate #49152
0:00:00:00 + Cracked ? as candidate #49152

I am pretty confident that they are two different passwords after I did the
counting. I guess this is because, like I asked in previous email, the
number means differently than # of guesses tried? Because it would hard to
crack 2 different passwords in a single guess:)

On Wed, May 6, 2015 at 12:33 AM, Yulong <yyl.dev@...il.com> wrote:

> Hi,
>
> thanks for the detailed explanation! I was able to obtain the batch info
> and also the logs you mentioned in later email. I used still the 1.8.0
> jumbo1, not build from bleed.
>
> 0:00:00:09 + Cracked ? as candidate #45219840
> 0:00:00:23 + Cracked ? as candidate #96829440
> 0:00:00:24 + Cracked ? as candidate #103858176
>
> Mine is very close to yours, although it didn't print out the actual
> cracked password. One thing I am still not clear is, so now the number is #
> of candidates tried, is it equivalent to # of guesses, or # of word from
> the wordlist? The two things might be different because one word from
> wordlist could produce many guesses based on different rules.
>
> For my research, exact figure would be desirable, but a number within a
> tight range (like in a batch of 64) is acceptable. I am trying to compare
> say two different sets of passwords in terms of resistance towards to
> cracking.
>
> On Tue, May 5, 2015 at 6:45 PM, magnum <john.magnum@...hmail.com> wrote:
>
>> On 2015-05-06 00:01, magnum wrote:
>>
>>> On 2015-05-05 23:14, Yulong wrote:
>>>
>>>> Regarding to the inaccuracy, is it totally off? I mean, if we know how
>>>> many
>>>> passwords per "batch" we try, then the actual number of guesses would be
>>>> just "displayed result"/"# per batch"? Thought the question now
>>>> becomes how
>>>> to know # of passwords per batch.
>>>>
>>>
>>> Well you can query it like this:
>>>
>>> $ ../run/john --list=format-all-details --format=wpapsk
>>> Format label                         wpapsk
>>>   Disabled in configuration file      no
>>> Min. password length in bytes        8
>>> Max. password length in bytes        63
>>> Min. keys per crypt                  8
>>> Max. keys per crypt                  64  <-- this figure
>>> (...)
>>>
>>> So for WPAPSK format, it's 64 on my system (you may get a different
>>> figure - it depends on build options, number of cores, AVX/AVX2 and
>>> other things).
>>>
>>> In that case, if a password is found among candidate 1-64, it will be
>>> shown as 64. If it's found among 65-128, it will be shown as 128 and so
>>> on. There is obviously no way to divide that number to get a more exact
>>> figure.
>>>
>>
>> I found a trivial way to get an exact figure in the log file without
>> affecting performance. Screen output will still be rounded up to batch size
>> but log file will show the exact numbers, as in:
>>
>> $ ../run/john ../test/rawmd5_tst.in -form:raw-md5 -inc
>> Loaded 1500 password hashes with no different salts (Raw-MD5 [MD5 128/128
>> AVX 4x3])
>> Warning: poor OpenMP scalability for this hash type, consider --fork=8
>> Will run 8 OpenMP threads
>> Press 'q' or Ctrl-C to abort, almost any other key for status
>> 12345            (u28-RawMD5)
>> start1           (u54-RawMD5)
>> 2g 24576p 0:00:00:01  1.086g/s 13356p/s 13356c/s 20034KC/s 013356..breash
>>                  (u6-RawMD5)
>> 1                (u8-RawMD5)
>> 4g 49152p 0:00:00:02  1.941g/s 23860p/s 23860c/s 35766KC/s breasd..153928
>> (...)
>>
>> $ grep Cracked ../run/john.log
>> 0:00:00:01 + Cracked u28-RawMD5 as candidate #2
>> 0:00:00:01 + Cracked u54-RawMD5 as candidate #1834
>> 0:00:00:01 + Cracked u6-RawMD5 as candidate #25740
>> 0:00:00:01 + Cracked u8-RawMD5 as candidate #25741
>>
>>
>> If you need this, build from a snapshot of bleeding-jumbo:
>> https://github.com/magnumripper/JohnTheRipper
>>
>> magnum
>>
>>
>
>
> --
> Best,
> Yulong
>



-- 
Best,
Yulong

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.