Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20210104141521.GA10682@openwall.com>
Date: Mon, 4 Jan 2021 15:15:21 +0100
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking rar password with rar-opencl

Hi Anton,

On Mon, Jan 04, 2021 at 11:55:52AM +0100, Anton Berggren wrote:
>     Device #0 (1) name:     Intel(R) HD Graphics 4600

>     Device #1 (2) name:     Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz

This embedded GPU is of comparable performance to the CPU.  Here's
i7-4770K under Linux:

$ ./john -test -format=rar-opencl -dev=1
Will run 8 OpenMP threads
Device 1: Intel(R) HD Graphics
Benchmarking: rar-opencl, RAR3 (length 5) [SHA1 OpenCL AES]... (8xOMP) Build log: fcl build 1 succeeded.
fcl build 2 succeeded.
bcl build succeeded.

LWS=16 GWS=640 (40 blocks) DONE
Raw:    680 c/s real, 96000 c/s virtual

$ ./john -test -format=rar-opencl -dev=2
Will run 8 OpenMP threads
Device 2: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Benchmarking: rar-opencl, RAR3 (length 5) [SHA1 OpenCL AES]... (8xOMP) Build log: Compilation started
Compilation done
Linking started
Linking done
Device build started
Device build done
Kernel <RarInit> was not vectorized
Kernel <RarHashLoop> was successfully vectorized (8)
Kernel <RarFinal> was successfully vectorized (8)
Kernel <RarCheck> was not vectorized
Done.
LWS=128 GWS=1024 (8 blocks) DONE
Raw:    459 c/s real, 57.8 c/s virtual

$ ./john -test -format=rar              
Will run 8 OpenMP threads
Benchmarking: rar, RAR3 (length 5) [SHA1 256/256 AVX2 8x AES]... (8xOMP) DONE
Raw:    512 c/s real, 64.5 c/s virtual

Please note that rar-opencl also makes some use of the CPU via OpenMP,
even when its target device is a GPU.

You'll probably want to run similar tests for all 3 of your devices, and
perhaps post the results in here.

> And i resume with this command and get the output
> C:\Users\Anton\Downloads\john-1.9.0-jumbo-1-win64\run>john --restore
> Device 3: GeForce GTX 760
> Loaded 1 password hash (rar-opencl, RAR3 [SHA1 OpenCL AES])
> Will run 4 OpenMP threads
> Proceeding with incremental:ASCII
> Press 'q' or Ctrl-C to abort, almost any other key for status
> 
> Is it only using my Nvidia GPU? How can i utilize all my decices? Can i
> optimize my rar password cracking for a more effective usage?
> It seems that my GPU usage isnt constant. It goes up and down.. up and
> down.. up and down... about 10-30%. That is what windows reports anyway.

Do you mean 10-30% utilization, or 10-30% left idle (so 70-90% load)?

The fluctuating utilization is possibly because of post-processing done
on the CPU.  How large is the RAR archive?

You might increase average GPU utilization by running more than one
attack on it - either start a second instance of JtR with a different
"--session" name and configured to test different candidate passwords (a
non-overlapping wordlist, etc.) or use "--fork=2" (yes, with just one
NVIDIA GPU device).

Using the CPU more directly and using its embedded GPU isn't necessarily
a good idea as it'd likely lower your NVIDIA GPU utilization, but feel
free to give this a try with separate sessions.  You'll likely want to
set a lower CPU thread count via the environment variable OMP_NUM_THREADS
to reduce competition for the CPU (competition can be very wasteful).

Using all devices in one session (like you technically could with
"--devices=1,2,3 --fork=3" is almost certainly a bad idea since the
devices are so different and since the best way to use a CPU is
generally by using the non-OpenCL format, but feel free to try anyway.
(Maybe I'm over-estimating your NVIDIA GPU's performance, and it's
actually similar to your CPU and your embedded GPU?  I notice it's a
Kepler era device, and isn't large.)

Again regarding the fluctuating GPU utilization, see also the
"rar-opencl performance" thread we had in here in September:

https://www.openwall.com/lists/john-users/2020/09/

Windows might be under-reporting GPU utilization.  We recently had a
thread in here where this was found to be the case for AMD GPUs.  For
more reliable reporting, please use tools that come with the GPU driver.

Anyway, far more importantly than all of the above, you need to focus
the attack to test candidate passwords that are actually likely.  You
might want to share in here what you know/recall about the password in
plain English, and we'll help you encode that into options to "john".

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.