Anyone familiar with john the ripper?
I'm working on a project to migrate a large number of users - some of the users are fake (automated scanning machines or terminals, or applications). At the risk of sounding like Dumb Rumsfield, there are lots of unknowns - and alot of unknown passwords.
john has managed to give me some passwords to some users but its taking weeks. I managed to get a list of users that have accessed the system during the past four months and used this list to create a new slimer password file. I added four already cracked users into this 'new' password file that had simple passwords (these users had passwords that were the same as the login names). I did this so as I could ensure john was working.
A week later I found none of the users in this new shorter password file has been cracked - not even the users who have passwords equal to their login names. I'm using a dual core amd processor with 2gbyte of memory so I would expect better results.
The lack of progress is leading me to believe if I'm wondering if I have somehow got john mis-configured.
Does the sequence of the user entries in /etc/passwd have anything to do with the salt used in creating a password file?
Thus - the order of my password file has changed (because it now only includes users that I consider inscope of my project and excludes users who have shown no activity during the past four months).
I'm wondering if the loss of the other records has some how upset the overall picture leading john to sit there looking pretty for weeks and weeks to come.
Any comments? The source password file comes from Compaq TRU64 Unix which is not the same format as my target system...