Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAEo4CeMw4d2AsE89Qc1LQys3Wck=vYugUHHeYQDx66jt+GEknA@mail.gmail.com>
Date: Thu, 25 Jan 2024 10:41:00 +0100
From: Albert Veli <albert.veli@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: DES passwords not cracked within hours

Hi,

On Wed, Jan 24, 2024 at 4:29 PM raphael armand <armandraphael4@...il.com>
wrote:

> Albert Veli,
>
> Could you please provide more details about the password you are trying to
> decrypt? Such as its length, special characters, numbers, etc.
>
> Best regards,
> Raphael Armand
>
> It is Raphael that tries to crack a descrypt hash. I was just explaining
the large number of combinations and why it takes a long time if the word
is not in a wordlist or a derivative of a word in a wordlist. See the post
by Solar Designer for good tips about how you can speed it up. But still,
you can only speed it up so much. If the password is random 8 characters,
upper, lower, digits and special, then it will take a very long time.

Anyway, a good way to start is to try all combinations of shorter passwords
first. Then move on to wordlist attacks and lastly brute force of long
passwords, which is unlikely to succeed.
If you have a computer with 8 cores then use:
./john -fork=8 -format=descrypt -pot=descrypt.pot -mask="?a" descrypt.hash
That will try all passwords 1 character long. Then try with mask ?a?a and
so on up until ?a?a?a?a?a.
After that it will be too slow to continue with ?a.

If I have descrypt.hash containing:

joe:gxZWjJiIp7NrI

and maybe I know something. In this case I know the password is 8 lower
case characters. Then I can try:

./john -fork=8 -format=descrypt -pot=descrypt.pot -mask="?l?l?l?l?l?l?l?l"
descrypt.hash

On my computer this will take 1.5 hours.

But if I happen to know something more about the password I can narrow it
down even more. For instance if I know that the password is 8 characters
lowercase and all characters are adjacent on the keyboard I can use an
external program to generate all such combinations, like the kwprocessor
from team hashcat. If I have a link to kwprocessor from the current
directory the command becomes:

kwprocessor/kwp kwprocessor/basechars/full.base
kwprocessor/keymaps/en-us.keymap
kwprocessor/routes/2-to-10-max-2-direction-changes-combinator.route |
./john -stdin -format=descrypt -pot=descrypt.pot descrypt.hash

This will crack the password hash given above almost instantly, but this is
only because I knew so much about it.

Regards,

Albert

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.