Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <!&!AAAAAAAAAAAYAAAAAAAAAHkpcheVEOpDkVRLau6glY7CgAAAEAAAALDgkNoWEoRJhQhBulca9P8BAAAAAA==@home.se>
Date: Sat, 9 Jan 2021 16:38:18 +0100
From: "Anton Berggren" <antonb@...e.se>
To: <john-users@...ts.openwall.com>
Subject: Sv: Cracking rar password with rar-opencl

Hm...

Looks like my CPU is the only device being used now.
In previous session my GPU was used. We determined that GPU had better
performance.

C:\Users\Anton\Downloads\john-1.9.0-jumbo-1-win64\run>john
--format=rar-opencl --session=rockyou --wordlist=rockyou.txt rar.hashes
Device 1: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Using default input encoding: UTF-8
Loaded 1 password hash (rar-opencl, RAR3 [SHA1 OpenCL AES])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:47 0.09% (ETA: 07:16:50) 0g/s 315.0p/s 315.0c/s 315.0C/s

/Anton

-----Ursprungligt meddelande-----
Från: Solar Designer <solar@...nwall.com> 
Skickat: den 9 januari 2021 16:18
Till: john-users@...ts.openwall.com
Ämne: Re: [john-users] Cracking rar password with rar-opencl

On Sat, Jan 09, 2021 at 03:46:12PM +0100, Anton Berggren wrote:
> Okey so my command will be with this info: john --wordlist=rockyou.txt
> --fork=2 --restore
> Or am i wrong here?

Wrong.  You would not be restoring anything, but starting a new attack.
So the command might be e.g.:

john --session=rockyou --wordlist=rockyou.txt rar-hash.txt

You can also try adding "--fork=2", although this specific attack is
expected to complete in a couple of hours anyway.

The "--session=rockyou" is so that you don't overwrite progress made by your
previously running attack, and can continue that one if desired.
In fact, you can just keep it running simultaneously (which also eliminates
the need for "--fork=2").

> Yeah, i dont know anything about the password length or language used.
> It include only one small file of 12kilobyte.
> 
> Sometimes websites use their domain as password.. or simliar. But ive 
> tried that and also with different variants does not work.

Hmm.  This raises doubts whether you're even supposed to have that password.
;-)  That said, you can put the likely "base words" in a text file and then
use:

john --session=custom --wordlist=custom.txt --rules=all rar-hash.txt

This will test more "different variants" than you'd test manually.

> I can restrict the password length to 15 character or so. That most
likely.
> Dont think its 20 or more.

This doesn't really matter, because either 15 or 20 is way out of reach for
a (semi-)exhaustive search against a RAR archive, whereas when you're
testing e.g. the RockYou list you can do so without having to restrict it by
password length.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.