Cracking passwd "linux" with John (JTR) took 1hr
I try to find out how secure my passwords are and tried the following: I created a file passwd.1 with the following content: test: $2a$05$CL3uN2mrTaP6zoDNubQsEuFhxIB0K4bIylcm5yuP5LTY8nZ3HJ4MO:1002:100:te st:/home/test:/bin/bash Then I used john from SuSE 9.1-DVD: john -users:test -session:testcrack passwd.1 Loaded 1 password hash (OpenBSD Blowfish [32/32]) linux (test) guesses: 1 time: 0:01:11:27 (3) c/s: 333 trying: linux Why does it take so long to crack a simple passwd like "linux", while the password test1 was found immediately? I used a XP 2700+ with the following bechmarks: john -test Benchmarking: Traditional DES [24/32 4K]... DONE Many salts: 223578 c/s real, 232391 c/s virtual Only one salt: 214406 c/s real, 218773 c/s virtual Benchmarking: BSDI DES (x725) [24/32 4K]... DONE Many salts: 8009 c/s real, 8139 c/s virtual Only one salt: 7924 c/s real, 8053 c/s virtual Benchmarking: FreeBSD MD5 [32/32]... DONE Raw: 5999 c/s real, 6262 c/s virtual Benchmarking: OpenBSD Blowfish (x32) [32/32]... DONE Raw: 362 c/s real, 370 c/s virtual Benchmarking: Kerberos AFS DES [24/32 4K]... DONE Short: 213350 c/s real, 215941 c/s virtual Long: 593561 c/s real, 595945 c/s virtual Benchmarking: NT LM DES [32/32 BS]... DONE Raw: 3056787 c/s real, 3062913 c/s virtual Al
participants (1)
-
Al Bogner