Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CANWtx00QfdYqrdzyNXJn=1ZN_6b0ANt6fxTGo4G9S3k5oMgHyA@mail.gmail.com>
Date: Fri, 20 Jul 2012 19:27:23 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Performance Considerations of stdin

On Sun, May 20, 2012 at 11:07 AM, Solar Designer <solar@...nwall.com> wrote:
> In general, piping candidate passwords into JtR is usually wasteful when
> you crack fast and saltless hashes (or when the salt count is low).
> For slow and/or salted hashes, it is OK performance-wise (although you
> don't achieve any speed increase in this way).
>
> Usually, --stdin and --pipe are used not to increase the speed (which
> they usually don't), but to provide a candidate passwords stream that
> would be impossible or more difficult to generate with JtR itself.  For
> example, when you already have a program that generates your desired
> candidate passwords, you may use it along with --stdin quicker than
> reimplement the same functionality in terms of JtR wordlist rules or
> external mode.
I've been trying new (well to me they are new) methods for cracking,
like using pipe (which works well in the latest jumbo on cygwin).
john-sse2.exe --stdout=11 -i=alpha -session=stdout | john-sse2.exe
pastebindorks.txt -format=raw-md5 -pipe -rules=cap_num -session=zero
-mem 500000000
I am using a rule from Korelogic, and I'm sure it's a bit wasteful, as
incremental will probably be capitalizing letters here an there, but
so far it's been very effective. The rule is as follows (don't recall
the original name)
[List.Rules:cap_num]
-[c:] <* >1 \p[c:] $[0-9]
-[c:] <* >1 \p[c:] ^[0-9]
-[c:] <- >1 \p[c:] Az"[0-9][0-9]"
-[c:] <- >1 \p[c:] A0"[0-9][0-9]"
-[c:] >1 \p[c:] Az"[0-9][0-9][0-9]" <+
-[c:] >1 \p[c:] Az"[0-9][0-9][0-9][0-9]
I'm probably not using -mem correctly, I have been increasing the -mem
option, each time I do (now at -mem 500000000) I get more and more
results. I'm wondering what the optimum way to use incremental=alpha
(append) digits (or digits (prefix) alpha) is. I have a lot of ram, so
I could keep up'ing that as well.
I've created a number of "dumbforce" and "knownforce" alterations, but
nothing works better than good ol incremental :) For me wordlist's +
mangling is #1 (maybe tied with single crack), but incremental with
mangling seems to be very good for my current task. I'm going to cut
the rules above down to [c:] $[0-9] *or* [c:] Az"[0-9][0-9]" for
example to see if it will speed anything along.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.