Comments on: John the Ripped – Steak and French Fries With Salt and Pepper Sauce for Hungry Password Crackers

By: Crack passwords using John the Ripper (JTR) using multiple CPU cores

Crack passwords using John the Ripper (JTR) using multiple CPU cores — Wed, 22 May 2013 10:16:38 +0000

[...] Another good article by same author on password cracking using JTR + MPI. Thanks to him for his good work and sharing. John the Ripped [...]

By: This is the story about how I cracked 122 million* password hashes with John the Ripper and oclHashcat-plus. | *.blog.internetz.me

Thu, 13 Dec 2012 12:37:13 +0000

[...] John the Ripped – Steak and French Fries With Salt and Pepper Sauce for Hungry Password Crackers [...]

By: Zoffix Znet

Zoffix Znet — Wed, 12 Dec 2012 02:39:21 +0000

Hm. I get these messages:
Loaded 199 password hashes with no different salts (Raw MD5 [128/128 SSE2 intrinsics 12x])
MPI: each node processing 1/4 of 1081 rules. (uneven split)

… some found passwords are shown here…

MPI: each node loaded 1/4 of wordfile to memory (about 6 KB/node)

After the passwords that are found in the first… second of running, I get some found passwords but I don’t get any more repeats. All 4 cores are working at 100%, so I think everything is working great. Thanks again.

By: Thireus

Thireus — Wed, 12 Dec 2012 01:42:05 +0000

Something must be wrong with your john. You know when MPI is enabled when you get a message like “MPI: each node processing 1/X of YYYYY rules. (even split)” for X subprocess… For example:

Loaded 9344766 password hashes with no different salts (Raw MD5 [128/128 AVX intrinsics 12x]) Remaining 4404349 password hashes with no different salts MPI: each node processing 1/2 of 6200 rules. (even split)

If you don’t have this message, then you know that MPI is not activated. Follow the steps once more to compile john the ripper with MPI enabled and everything should be fine.

Regards,
Thi.

By: Zoffix Znet

Zoffix Znet — Wed, 12 Dec 2012 01:33:50 +0000

The MPI stuff for cracking MD5 on multiple cores works great! Thank you so much!

The only thing is I noticed some of the found passwords are repeated (i.e. one of MD5 hashes works out to, say, password “Chicago” and I get 3 reports about it). I wonder if the 4 of my cores are being used by four processes to do the same stuff, or whether they are doing different thing, and it’s just the repeated passwords happened to match multiple things the dictionary (note: I have no clue how JiR works).

By: agan

agan — Fri, 16 Nov 2012 23:41:41 +0000

Thank you for your helpful reply Thireus, i'm going to join JTR lists as you suggested

By: Thireus

Thireus — Fri, 16 Nov 2012 13:29:20 +0000

I had a closer look at the latest JtR sources, and in fact DES IS implemented. xD So, sorry my first reply was wrong. Unfortunately, it will not be easy for you to combine it with md5... You can have a look at the latest Jumbo version of JtR, you'll see DES_*.c sources. You can also try the JtR dev version where some good devs already implemented an opencl version opencl_DES_*.c. I think the best way to ask for this kind of functionalities would be directly on JtR mailing lists. Some links that might help you: http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats http://www.openwall.com/john/#lists I'm also updating this article with new stuffs.

By: agan

agan — Fri, 16 Nov 2012 08:20:07 +0000

i’m sure that the crypt in my case is old DES crypt, 13 byte long with the first 2 bytes as salt, so the hash is valid old unix DES crypt of md5(password). i already made simple dictionary based brute forcer in php just for poc, but i need more powerful engine like JTR.

the case is, i already know the hash (and its salt of course), i want to use JTR to brute that hash. i know JTR can brute old unix DES crypt(), and md5(), i want to combine those two to brute crypt(md5(p),salt)… do you know where in JTR src i should look at ?

By: Thireus

Thireus — Fri, 16 Nov 2012 03:26:50 +0000

Hi agan, John The Ripper does ~~not~~ implement ~~any~~ some (a)symetric cryptographic functions like DES. But none of them are implemented as dynamic functions. But first of all you need to make sure that the crypt() function used for your hashes is the old implementation that uses DES, in your case because of the salt I assume it is CRYPT_EXT_DES (c.f. http://php.net/manual/en/function.crypt.php). If that's the case you'll need better tools to reverse the crypt function (c.f. https://en.wikipedia.org/wiki/Data_Encryption_Standard#Brute_force_attack) and lot of money because it will cost you about $10,000... Let's suppose you have the money and know the salt used by the crypt function, it will only take between 1 and 2 weeks to complete all key space. You can have a look at this http://3.14.by/forum/viewtopic.php?f=8&t=1095, I'm not sure if you can use it in your case. But remember... be extremely cautious when you download Russian files/exec! If you achieve the reverse part for the crypt() function then you'll still be able to use the wonderful JtR for md5(plain).

By: agan

agan — Fri, 16 Nov 2012 02:43:53 +0000

Thireus, i want to use JTR for cracking custom hash in a php application –> crypt(md5(plain),salt)… in the documentation i only found SHA1 and MD5 dynamic func primitives. does JTR support dynamic function for traditional DES crypt ?