Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <53412E42-E05C-4A4D-980E-AB6852CDC96A@internode.on.net>
Date: Mon, 21 Oct 2019 23:13:36 +1030
From: Sebastian Hudson <s.hudson@...ernode.on.net>
To: john-users@...ts.openwall.com
Subject: How to increase Max Length? / Very long passwords

Hi, so I’m aware that what I’m trying to do might actually be impossible but I still want to try and find a way because it’s just for fun so why not.
I hope I can explain this all well.

I’m trying to crack an sha256 hash, but the password itself is an sha256 hash.
For example:
If the hash is e0bc614e4fd035a488619799853b075143deea596c477b8dc077e309c0fe42e9
then the actually password would be 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.

The main problem I’ve come across is just the length of it. Prince mode won’t try to crack anything with a Max Length of 32 and Markov won’t try anything over 30.
Is there a way to change the Max Length to more?

The reason I tried to use prince was I made a wordlist that broke up the permutations into groups of 8. Eg: aab3d7ef. If I could get it to try every combination of 8 of these (8x8=64) randomly then maybe it would just stumble on the password.

Ideally I think if there was a way to just keep hashing the last attempt over and over it might stumbled on the password too. Eg: if it tried
e0bc614e4fd035a488619799853b075143deea596c477b8dc077e309c0fe42e9
then
d6a804981ea7ce374acc21c9a8bf82f50b684b0ea4bdf8b26a7a775291aaf7a6
then
ad376767fc04814220cc25c79b2777cd14704f23f1830318b5bd9eb97e4fedf6

perhaps that would be quicker?

If anyone has any other ideas that would be great!
I’m just doing this as a hobby after finding some interesting articles on hashes and cracking etc… so my knowledge isn’t heaps.

Cheers

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.