|
Message-ID: <CAEo4CeOCphT_nofanu2EpEaO3EEQM5FO7LWOYT3wQ2EL78c60g@mail.gmail.com> Date: Wed, 24 Jan 2024 15:09:04 +0100 From: Albert Veli <albert.veli@...il.com> To: john-users@...ts.openwall.com Subject: Re: DES passwords not cracked within hours You are trying about 16 million passwords per second. Old Unix descrypt can hold max 8 characters. Even if it is only lowercase a-z it will be 26**8 // 16000000 seconds which is about 217 minutes. But if you mix in uppercase it will take much longer. It will be 52**8 password candidates which will take about 928 hours on your computer. Mixing in special characters and digits increases the time even more. The default wordlist password.lst have about 1.8 million lines and the default rules Single and Wordlist have about 1000 and 2800 rules so they are done within minutes. But incremental ASCII ... that can take a very long time, as I explained in the first paragraph. It is because of the large number of combinations. If you know something about the password you can narrow it down. If you for instance know the length or if you know what types of characters are in the password. Are there digits? Are there special characters? On Wed, Jan 24, 2024 at 2:29 PM Matthias Apitz <guru@...xarea.de> wrote: > > Hello, > > I've used 'john' already in October 2022 to crack con success on DES > crypted passwords on SuSE Linux... > > Now I have another use case and using the same installation 'john' is > unwilling to crack a single line password file in hours: > > $ cat /tmp/passwd.des > john:aAxxxxxxxxxxx > > $ cd ~/guru/john-1.9.0-jumbo-1/run > $ ./john /tmp/passwd.des > Using default input encoding: UTF-8 > Loaded 1 password hash (descrypt, traditional crypt(3) [DES 256/256 AVX2]) > Will run 4 OpenMP threads > Proceeding with single, rules:Single > Press 'q' or Ctrl-C to abort, almost any other key for status > Almost done: Processing the remaining buffered candidate passwords, if any. > Warning: Only 783 candidates buffered for the current salt, minimum 1024 > needed for performance. > Proceeding with wordlist:./password.lst, rules:Wordlist > Proceeding with incremental:ASCII > Warning: MaxLen = 13 is too large for the current hash type, reduced to 8 > > (pressed any key after minutes) > > 0g 0:00:04:51 0,00% 3/3 (ETA: 2036-12-10 21:44) 0g/s 16495Kp/s 16495Kc/s > 16495KC/s kbgiega..kbg2hat > > 0g 0:00:07:32 0,00% 3/3 (ETA: 2036-09-20 05:23) 0g/s 16787Kp/s 16787Kc/s > 16787KC/s c6ctbe..c6c9fz > > What I do wrong? > > Thanks > > matthias > > > -- > Matthias Apitz, ✉ guru@...xarea.de, http://www.unixarea.de/ > +49-176-38902045 > Public GnuPG key: http://www.unixarea.de/key.pub > > I am not at war with Russia. Я не воюю с Россией. > Ich bin nicht im Krieg mit Russland. >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.