Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 23 Jul 2020 13:46:04 +0200
From: Solar Designer <>
Subject: Re: Known part of password, attempting incremental attack

On Wed, Jul 22, 2020 at 09:27:53PM -0400, Alexander Hunt wrote:
> It is a pages document so i used iWork2john
> [List.Rules:nraph]
> A0???Known??? Az???0!???
> A0???Knownba??? Az???0!???
> A0???Known??? Az???ba0!
> A0???Knownguft??? Az???0!???
> ./john --wordlist=wordlist.lst --rules=nraph

This looks reasonable (assuming you had proper ASCII quote character
there and not the fancy UTF-8 one that Gmail substituted, and that you
didn't miss the closing quote on rule 3 above).

> Speed:
> 344.3 p/s

You didn't mention the iteration count, but for iteration count 100000
that we use in benchmarks this would correspond to an older quad-core
CPU without AVX2.  That's fine.

We also support iWork on GPU, where you could get maybe 100x higher
speeds, like this on Vega 64:

$ ./john -test -form=iwork-opencl
Device 1: gfx900 [Radeon RX Vega]
Benchmarking: iwork-opencl, Apple iWork '09 or newer [PBKDF2-SHA1 AES OpenCL]... LWS=64 GWS=16384 (256 blocks) DONE
Speed for cost 1 (iteration count) of 100000
Raw:	38824 c/s real, 431157 c/s virtual

However, as always, it's more important to focus the attack than to
improve the speed.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.