Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <4D21C078-C87A-4F7D-87BB-9B5AD5DC13F0@gmail.com>
Date: Tue, 25 Aug 2015 16:27:37 -0400
From: KZug <kzug10@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Anyone looked at the Ashley Madison data yet?

Alexander, I apologize in advance for the slightly off topic message. 

Hello all, 
Due to the extremely sloooow Bcrypt speed of the A.Madison dump,  I don’t see a point at each of us working in its own corner. 
If you are willing to participate, I can open a Dropbox folder and share it. (hashes recovered, etc.)
By doing so, we don’t have to reinvent the wheel each time, and can save few CPU cycles. 

Please contact me directly if interested, no need to overcharge the forum. 

K.



 




> On Aug 21, 2015, at 20:54, Solar Designer <solar@...nwall.com> wrote:
> 
> On Fri, Aug 21, 2015 at 11:21:34AM -0500, JimF wrote:
>> Here is a quick 'survey'.  I simply took the first 265k hashes, and
>> and started a forked check using just a few passwords.
> 
> To more reliably determine the ordering of the usual top passwords, I
> recommend taking not "the first 265k hashes" (or whatever count), but
> rather a random sample.  You can do this by running "shuf" (part of
> recent GNU coreutils) first, and only then using "head" on it.
> 
>> One thing I have also seen, is it may be best to do a -fork and
>> OMP_NUM_THREADS=1 when using -single mode, since it keep the number of
>> candidates and targets minimized. All work will be against only the hash
>> that 'should' get the work done for it  (up to a point).  This hash is
>> SO slow, that every option to try only the RICHEST set of candidates has
>> to be done.
> 
> Of course.  Better yet, "./configure --disable-openmp".
> 
> Related: your "just a few passwords" should be a multiple of
> max_keys_per_crypt, which for bcrypt without OpenMP is either 2 or 3 on
> a modern system (depending on your build).  (With OpenMP, it is much
> higher, and you correctly point out that this makes things worse.)
> 
> So if your wordlist has e.g. 5 lines, it is wasteful - you could as well
> test 6 in the same time.
> 
> Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.