Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20170204203317.GA2909@openwall.com>
Date: Sat, 4 Feb 2017 21:33:17 +0100
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: to Single or not to Single

On Sat, Feb 04, 2017 at 03:40:42PM +0100, Patrick Proniewski wrote:
> 4635g 0:00:00:48  95.61g/s 1238p/s 1238c/s 1238C/s surfs_up24..surfs_up24surfs
> Session aborted
> 
> It looks like john is trying something with my candidates, doing a bunch of variations. And the "50.00%" has disappeared too, hinting something's changed. I can't find what. Same john binary, same config file, same command line options, always an empty pot at start.

It's simple: John doesn't merely use usernames as candidate passwords -
it first splits them into "words", and uses those.  See loader.c:
ldr_split_string() and ldr_init_words().  If this logic is undesirable,
you'll want to comment out almost the entire body of ldr_init_words(),
starting with and including the first call to ldr_split_string(), but
leading "return words;" intact.

Alternatively, maybe the desired effect can be achieved by tweaking
CP_isSeparator[], maybe via some options not requiring source code
changes, but this is jumbo-specific addition that I'm not familiar with.

That said, I think it'd be even better to figure out and fix whatever
issue is causing the extremely poor performance, and then you won't have
to worry about those extra candidates being tested - in fact, you'd want
more of them to be tested.

Jim, maybe you'd look into the slowdown with dynamic_25 when not all of
the single mode's usernames match the passwords?  This should be easy to
reproduce with the sed command Patrick posted earlier in this thread.
Also the somewhat slow loading and somewhat excessive memory consumption.
What Patrick is trying to do should be doable in his 30 GB RAM, for all
47M hashes at once, but right now it is not.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.