Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ff1d37c3-e9fe-f889-fd1d-e32562576567@matlink.fr>
Date: Fri, 4 Nov 2016 15:19:32 +0100
From: matlink <matlink@...link.fr>
To: john-users@...ts.openwall.com
Subject: Re: John does not fork as many times as I want

Okay then there is less memory used when cracking hard password
(allowing using more forks) than when freshly starting to crack the
hashes? Is that linked to the "1/3" I can see on the john status? Step
3/3 requires less memory when forking than step 1/3?


Le 04/11/2016 à 15:14, Solar Designer a écrit :
> On Fri, Nov 04, 2016 at 02:59:10PM +0100, matlink wrote:
>> I've omitted to tell something:
>>
>> after these missing forks, the main process returns me:
>>
>> 1:Fork: cannot allocate memory
>>
>> which explains why all forks are not poped.
> Oh, sure.  Sounds like you're cracking the full(er) LinkedIn dump than
> was circulating in 2012, then, and your use of the "-linkedin" format is
> inappropriate.  Please use the simple "raw-SHA1" format instead.  And
> please use bleeding-jumbo.
>
>> However it seems that I
>> still have plenty of available memory (about 200GB free).
> You say you're requesting 40 forks, but only 5 processes are left.
> This may mean that some of the other 35 were forked, fought for memory,
> and then died - freeing up that 200 GB that you see.
>
>> Can this error come from another situation than lack of memory?
> There are many other possibilities, but they are not likely in your case.
>
> The way "--fork" works, it does not multiply the memory needs of one
> process by the number of processes right away.  Most of the memory pages
> are shared between the processes.  However, when a lot of passwords get
> cracked, the differences between the processes increase, and fewer pages
> are shared.  Thus, when cracking large password hash dumps like this,
> you need to start with fewer forked processes to get the easiest
> passwords cracked first, then after a few hours or days, when there are
> relatively few hashes left to crack (e.g., 20% of original) and the
> successful guesses are not as frequent, restart with your desired number
> of processes.
>
> There were some changes in bleeding-jumbo (since 1.8.0-jumbo-1) that
> should partially mitigate this issue, so maybe you'd be able to run more
> processes with it now, but overall my suggested approach above is still
> the way to go.
>
> Alexander

-- 
Matlink - Sysadmin matlink.fr
Sortez couverts, chiffrez vos mails : https://café-vie-privée.fr/
XMPP/Jabber : matlink@...link.fr
Clé publique PGP : 0x186BB3CA
Empreinte Off-the-record : 572174BF 6983EA74 91417CA7 705ED899 DE9D05B2

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.