Message-ID: <20240125151735.GA23138@openwall.com>
Date: Thu, 25 Jan 2024 16:17:35 +0100
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: DES passwords not cracked within hours

On Thu, Jan 25, 2024 at 10:41:00AM +0100, Albert Veli wrote:
> Anyway, a good way to start is to try all combinations of shorter passwords
> first. Then move on to wordlist attacks and lastly brute force of long
> passwords, which is unlikely to succeed.
>
> If you have a computer with 8 cores then use:
>
> ./john -fork=8 -format=descrypt -pot=descrypt.pot -mask="?a" descrypt.hash
>
> That will try all passwords 1 character long. Then try with mask ?a?a and
> so on up until ?a?a?a?a?a.
>
> After that it will be too slow to continue with ?a.

It's not always a good idea to focus on short passwords first, nor to use the
dumber mask mode instead of the smarter incremental mode. By doing this for a
completely unknown password, you likely increase the time it'll take to crack
the password. What you gain is ease of reasoning about what's been tried, which
can then be useful to limit further attacks (although for that you could also
use "--incremental --max-length=5").

You also need mask mode to use GPUs/FPGAs on a (semi-)fast hash type like this
efficiently (but you'd preferably use it in combination with a smarter mode on
host, as shown in doc/MASK).

> If I have descrypt.hash containing:
>
> joe:gxZWjJiIp7NrI
>
> and maybe I know something. In this case I know the password is 8 lower
> case characters. Then I can try:
>
> ./john -fork=8 -format=descrypt -pot=descrypt.pot -mask="?l?l?l?l?l?l?l?l"
> descrypt.hash
>
> On my computer this will take 1.5 hours.

I understand this is just an example, but it's also an example of how usage of
the mask can slow things down. That hash gets cracked instantly by JtR's
default invocation. Indeed, the password is close to the start of our default
wordlist:

$ fgrep -nx qwertyui password.lst
1723:qwertyui

> But if I happen to know something more about the password I can narrow it
> down even more. For instance if I know that the password is 8 characters
> lowercase and all characters are adjacent on the keyboard I can use an
> external program to generate all such combinations, like the kwprocessor
> from team hashcat. If I have a link to kwprocessor from the current
> directory the command becomes:
>
> kwprocessor/kwp kwprocessor/basechars/full.base
> kwprocessor/keymaps/en-us.keymap
> kwprocessor/routes/2-to-10-max-2-direction-changes-combinator.route |
> ./john -stdin -format=descrypt -pot=descrypt.pot descrypt.hash
>
> This will crack the password hash given above almost instantly, but this is
> only because I knew so much about it.

That's cool, but it's also an example of how the password can be so simple you
don't actually benefit from usage of an external tool. It also cracks in 2
seconds for me with our "--external=keyboard", which is a pre-defined
"external mode" in JtR.

Alexander
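The thread's point is that "qwertyui" falls into a tiny candidate space (a keyboard walk, or line 1723 of the default wordlist) even though it is 8 lowercase characters, so a password-policy audit should compare the size of that space with the ?l^8 mask keyspace. The following is an added example, not code from this thread, from JtR or from kwprocessor: it uses a simplified, assumed QWERTY adjacency model (staggered rows, neighbours within one key width, no key reused in a walk) rather than the real en-us.keymap or JtR's external "keyboard" mode, and counts mask keyspace using the ?l/?u/?d/?s/?a class sizes from doc/MASK.

```python
# Simplified QWERTY letter layout: three staggered rows (assumed geometry,
# not kwprocessor's keymap). Each key gets a (row, x) position.
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
ROW_OFFSET = (0.0, 0.5, 1.0)

def key_positions():
    return {ch: (r, i + ROW_OFFSET[r])
            for r, row in enumerate(ROWS) for i, ch in enumerate(row)}

def adjacency():
    """Two keys are neighbours if they sit in the same or an adjacent row
    and no more than one key width apart horizontally."""
    pos = key_positions()
    adj = {k: [] for k in pos}
    for a, (ra, xa) in pos.items():
        for b, (rb, xb) in pos.items():
            if a != b and abs(ra - rb) <= 1 and abs(xa - xb) <= 1.0:
                adj[a].append(b)
    return adj

def keyboard_walks(length):
    """All lowercase keyboard walks of the given length, each step moving
    to a neighbouring key and never revisiting a key (assumed rule)."""
    adj = adjacency()
    out = set()
    def walk(path):
        if len(path) == length:
            out.add("".join(path))
            return
        for nxt in adj[path[-1]]:
            if nxt not in path:
                walk(path + [nxt])
    for start in adj:
        walk([start])
    return out

# Character-class sizes of JtR mask placeholders (doc/MASK).
MASK_SIZES = {"?l": 26, "?u": 26, "?d": 10, "?s": 33, "?a": 95}

def mask_keyspace(mask):
    """Number of candidates a mask expands to; literal characters count as 1."""
    n, i = 1, 0
    while i < len(mask):
        if mask[i] == "?":
            n *= MASK_SIZES[mask[i:i + 2]]
            i += 2
        else:
            i += 1
    return n

if __name__ == "__main__":
    walks = keyboard_walks(8)
    print("8-key walks:", len(walks), "contains qwertyui:", "qwertyui" in walks)
    print("?l x8 keyspace:", mask_keyspace("?l?l?l?l?l?l?l?l"))
```

The walk count is several orders of magnitude below 26^8, which is why an "8 lowercase characters" policy says little about strength when the characters are chosen by geometry rather than at random.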