Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <SNT121-W560C10A6489FA15F9C6E8EDD6B0@phx.gbl>
Date: Wed, 13 Jan 2010 18:49:23 +0000
From: Paul Needham <pmaneedham@...mail.com>
To: <john-users@...ts.openwall.com>
Subject: getting started, unix_crypt hashes



I have a few questions for the john-users mailing list in relation to both JtR operation, and function.
 
I imported a set of unix_crypt hashes into JtR, having ran the unshadow command to merge the /etc/passwd and /etc/shadow files. Considering this was the first time I had ran JtR, I was concerned when JtR seemed to just pause/freeze after importing the hashes, almost as if it was expecting an additional command. So I was unsure if the process was working. However, I noticed if I press the "-" key on my keyboard it gives me some feedback on what JtR is doing, as shown below:
 
*******
C:\Documents and Settings\********\Desktop\john-1.7.3.1-win32\run>john etcshadow
Loaded 7 password hashes with 7 different salts (Traditional DES [128/128 BS SSE
2])
 guesses: 0  time: 0:00:00:09 (3)  c/s: 489829  trying: doneh - dorny
*******
 
I was a little unsure as to what the "-" related information is actually telling me, so could anyone confirm my assumptions, and possibly clarify where I am unsure:
 
guesses: 0 - ?
time: 0:00:00:09 - I expect this is how long the attempted crack has been running for?
(3) - ?
c/s: 489829 - ?
trying: doneh - dorny - I expect this is the current attempted cracks John is trying against the hash?
 
For anyone who has successfully cracked a password using the tool, when JtR cracks 1 of the password hashes, does it inform the end-user? Or do we need to periodically enter a command to see what has been cracked, and what the tool is still working on.
 
The other thing I wondered, is has JTR been developed so that if it detects the hashes are the traditional unix_crypt, will it keep the crack combinations <=8 characters long, as to my knowledge such passwords cant exceed 8 characters, therefore attempting a 10 character string would be a pointless exercise?  Or do I need to tailor the settings to suit possibilities of unix_crypt passwords? If so could you offer any tips? I guess the obvious one would be formulating a word list only consisting of words or phrases of <=8 characters long. 
 
Anyway, I am currently working my way through the /docs/ provided with the Windows build I donwloaded, so hopefully all will become clear in there, however anything additional anyone wants to add or confirm would be much appreciated. 
 
Thanks
 
 
 
  		 	   		  
_________________________________________________________________
Do you have a story that started on Hotmail? Tell us now
http://clk.atdmt.com/UKM/go/195013117/direct/01/

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.