LinuxQuestions.org
Old 10-01-2003, 09:02 PM   #1
Donboy
John the ripper takes too long


I have downloaded and installed John and everything seemed OK for the installation. I started John and it said something about only needing to test 4 passwords with 4 different salts. Not sure what "salts" means, but anyway...

I ran it for just a few minutes before it cracked one of my passwords. Cool.. I know it's working. But after another 7 hours, it still hadn't finished. I ended up killing the process and restarting. Now it says I only need to test 3 of them. I guess that's because it already cracked one of them and now it's working on the other 3.

When I run John now, it says something like what I'm showing below. Every few minutes I would hit a key on the keyboard just to see what it was doing. Here's what it says...

Loaded 3 passwords with 3 different salts (FreeBSD MD5 [32/32])
guesses: 0 time: 0:00:00:36 28% (2) c/s: 2674 trying: symbol5
guesses: 0 time: 0:00:00:42 32% (2) c/s: 2674 trying: dookie6
guesses: 0 time: 0:00:00:51 41% (2) c/s: 2673 trying: pckrs
guesses: 0 time: 0:00:00:57 48% (2) c/s: 2674 trying: Nedlog
guesses: 0 time: 0:00:01:04 53% (2) c/s: 2675 trying: 2isabelle
guesses: 0 time: 0:00:01:52 89% (2) c/s: 2675 trying: fictioned
guesses: 0 time: 0:00:02:09 (3) c/s: 2643 trying: salach
guesses: 0 time: 0:00:02:28 (3) c/s: 2625 trying: supped
guesses: 0 time: 0:00:04:04 (3) c/s: 2594 trying: mediande


This looks weird. It's not showing percentages now. I'm not sure if this is bad or not. I looked high and low for some documentation for John but I couldn't find much of anything on their website. I don't know if this was because (A) I wasn't looking hard enough, or (B) their website could use an overhaul to make sure the information is easier to find or (C) they don't offer documentation. If they do, I will gladly kick myself in the goodies for posting such a doofus question.

The question is... how long is John supposed to run before I should assume it's not doing anything? And should I be concerned about the fact that it keeps saying "guesses: 0" for all of them? Finally, where can I find some good info about running John on Linux?

Thanks in advance and sorry for such a noob question.
 
Old 10-01-2003, 11:26 PM   #2
Donboy
Update

I left it running for a while. Here's the new output... sure seems like it's not doing anything.

guesses: 0 time: 0:00:00:06 5% (2) c/s: 2658 trying: mickeys
guesses: 0 time: 0:00:10:16 (3) c/s: 2650 trying: maj75
guesses: 0 time: 0:01:19:56 (3) c/s: 2671 trying: scoopeck
guesses: 0 time: 0:02:27:54 (3) c/s: 2667 trying: todfger
 
Old 10-02-2003, 07:10 AM   #3
sidey
The salts you are referring to are the different type, i.e. md5 etc.

Depending on the makeup of the password it will be quicker to attack, for example

dog wouldn't take very long
whereas

h1iU53m3d0d4yp455w0rd5 would take a pretty long time

If you want, you can forward me your password file and I'll crack it on my 7 3.2 GHz cluster

(joke, I wish I had 1 3.2 GHz let alone 7 in a cluster)
 
Old 10-17-2003, 04:09 PM   #4
65_289
Depending on how long the passwords are, it could take a long time.

If you have a 1 character password, and you include all letters, case sensitive and numbers, then there are 62 possible combinations. If you have 2 character passwords, then there are 62^2 possible combinations. If you have 10 characters, there are 62^10 possible combinations. So it might take a few days to brute-force a 10 letter password.

If you include pound signs, exclamation points, etc, then it can take even longer.
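
Added example, not part of the original thread: a parser for the John status lines posted above, combined with the keyspace arithmetic from this reply, to estimate how long exhausting an alphanumeric keyspace takes at the reported rate. It assumes the time field is D:HH:MM:SS, that the number in parentheses is John's batch-mode pass, and that c/s approximates hash computations per second; all function names are illustrative.

```python
import re

# Three status lines copied from the posts above.
STATUS_LINES = [
    "guesses: 0 time: 0:00:01:52 89% (2) c/s: 2675 trying: fictioned",
    "guesses: 0 time: 0:00:02:09 (3) c/s: 2643 trying: salach",
    "guesses: 0 time: 0:02:27:54 (3) c/s: 2667 trying: todfger",
]

STATUS_RE = re.compile(
    r"guesses: (?P<guesses>\d+)\s+time: (?P<d>\d+):(?P<h>\d+):(?P<m>\d+):(?P<s>\d+)"
    r"(?:\s+(?P<pct>\d+)%)?\s+\((?P<pass_no>\d+)\)\s+c/s: (?P<cps>\d+)\s+trying: (?P<word>\S+)"
)

def parse_status(line):
    """Parse one status line; percent is None when John prints no percentage."""
    m = STATUS_RE.search(line)
    if m is None:
        return None
    g = m.groupdict()
    # Assumption: the time field is days:hours:minutes:seconds.
    elapsed = ((int(g["d"]) * 24 + int(g["h"])) * 60 + int(g["m"])) * 60 + int(g["s"])
    return {"guesses": int(g["guesses"]), "elapsed_s": elapsed,
            "percent": int(g["pct"]) if g["pct"] else None,
            "pass_no": int(g["pass_no"]), "cps": int(g["cps"]), "trying": g["word"]}

def keyspace(charset_size, max_len):
    """Number of candidates of every length from 1 to max_len."""
    return sum(charset_size ** n for n in range(1, max_len + 1))

def exhaust_seconds(charset_size, max_len, cps, salts=1):
    """Worst-case seconds: each candidate costs one hash per distinct salt."""
    return keyspace(charset_size, max_len) * salts / cps

def human(seconds):
    for unit, size in (("years", 365 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.0f} seconds"

if __name__ == "__main__":
    last = parse_status(STATUS_LINES[-1])
    print("elapsed so far:", human(last["elapsed_s"]), "at", last["cps"], "c/s")
    for length in (4, 6, 8, 10):
        # 62 = a-z, A-Z, 0-9, as in the reply above; 3 salts as in the first post.
        t = exhaust_seconds(62, length, last["cps"], salts=3)
        print(f"up to {length} chars: {human(t)}")
```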
 
Old 10-17-2003, 04:48 PM   #5
jayjwa
In other words, JTR is a neat toy, but don't count on it to crack a real-life password that someone has made up to be strong and avoid this type of brute-force attack in your lifetime. I have seen one of PGP that does the same type of deal. Hmmmmm passphrase = password + much longer.... no I don't think I'll be running that one anytime soon.
 
  

