Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <6e6fa27e-dc4f-63c8-2458-1cd95ed7197d@openwall.net>
Date: Wed, 4 May 2016 10:12:37 -0500
From: jfoug <jfoug@...nwall.net>
To: john-users@...ts.openwall.com
Subject: Re: PBKDF2-SHA1 3DES/AES

On 5/4/2016 5:31 AM, Doc Case wrote:
> Thank you very much.
>
> I'll do it today. Again, I'm learning, but it is quite clear that a brute force attack will be very time consuming.
>
On very slow hashes like this, tools such as the unique process for john (in ./run/unique)
will be your friend.  There are a couple of keys to speeding things up a bit.

1. ONLY try good words. Brute force is usually not good unless you have LOTS of time.
2. NEVER try the same word more than once.

So to handle #2, you always want to prepare your word lists. Then run them through the
unique program, and use the -ex_file=xxx switch, to strip out ALL words from all of your
prior runs before doing the next one. Unique will make sure that the words you are sending
are unique, and then when used with the -ex_file switch, it will ALSO remove words that are
found in that other file. Then you simply keep growing that file as you run new words, and
before running anything new, you build the input file, and unique it (also against all prior
words), then add what is left to the prior words list, and run that list of what was 'left'.
Things like running rules, simply use john and the --stdout switch to run the input words
through the rules you want redirecting to a file. Then unique that file (with above steps),
and ONLY then, run the words that are left.  It is a lot more hand work, but it can speed
things up, and I have seen it speed up to 10x better, due to not every re-running a word
already checked.

Just my 2 cents worth of help here.  Good luck. Finding a targetted password, and especially
for a slow hash is HARD.

-- 
Community volunteer for John the Ripper project.



---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.