john the ripper

Anyone familiar with john the ripper?

I'm working on a project to migrate a large number of users - some of the users are fake (automated scanning machines or terminals, or applications). At the risk of sounding like Dumb Rumsfield, there are lots of unknowns - and alot of unknown passwords.

john has managed to give me some passwords to some users but its taking weeks. I managed to get a list of users that have accessed the system during the past four months and used this list to create a new slimer password file. I added four already cracked users into this 'new' password file that had simple passwords (these users had passwords that were the same as the login names). I did this so as I could ensure john was working.

A week later I found none of the users in this new shorter password file has been cracked - not even the users who have passwords equal to their login names. I'm using a dual core amd processor with 2gbyte of memory so I would expect better results.

The lack of progress is leading me to believe if I'm wondering if I have somehow got john mis-configured.

Does the sequence of the user entries in /etc/passwd have anything to do with the salt used in creating a password file?

Thus - the order of my password file has changed (because it now only includes users that I consider inscope of my project and excludes users who have shown no activity during the past four months).

I'm wondering if the loss of the other records has some how upset the overall picture leading john to sit there looking pretty for weeks and weeks to come.

Any comments? The source password file comes from Compaq TRU64 Unix which is not the same format as my target system...

Reply to
Loading thread data ...

I should add, I am using a huge wordlist that is not standard with the installation.

Reply to

A little.

Well, being unknown to anyone but the owner is kind of the purpose of passwords, don't you think?

John cracked some passwords, so apparently the program is working. Apparently some of your users just chose strong passwords instead of weak ones.

What's your problem anyway? If you're root you can reset any password you like (and/or disable the respective account). There's exactly no need to crack them.


Reply to
Ansgar -59cobalt- Wiechers

- the project relates to moving users from TRU64 Unix to RHE Linux

- the password hashing on TRU64 is not-compatable with Linux

- Changing passwords is the non-prefered option due to several automatic dependancies (like barcode scan guns which log into the application using unix level security would have to be changed). And the scan guns are so old that nobody knows the passwords that would allow us to manually set them to their source values.

I discovered a large number of users have not used the system in a long time hence I made the password file shorter - since making it shorter I'm wondering if this has somehow broken the password file I need to crack.

Somehow I think I'll end up running around with a manual and reconfiguring scanner guns in March 8( as John still has not made any progress since I made the password file shorter some weeks ago.

Reply to

You could always use SAMInside with prebuilt RainbowCrack tables.

Reply to
Default User

Not on salted UNIX password hashes, you can't. At least not without building them and to compute for all possible salts the tables are going to ginormous, drawfing anything for the LM rainbow tables.

Best Regards,

Reply to
Todd H. Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.