hons.un-excogitate.org

Running jtr-1.6.37-mpiwlcmf2 on LM passwords with a basic wordlist

Using the default password.lst file i attempted to run a crack against the Samba/LM password file created for last semesters work.

This test was once again performed on a single obsidian node (comp-pvfs-0-3) - the command was executed:

 mpirun -np 2 -nolocal -machinefile ~/machines2 ./john --wordlist=password.lst --rules smbpasswd

Initially i believed there were problems as the program appeared to quit almost immediately after pressing enter. Both the *.log and *.pot files had no entries for successful cracks, so i assumed something was broken.

To test this, i created a new smbpasswd file which had passwords based (or copied) from the password.lst wordfile.. i then executed:

 mpirun -np 2 -nolocal -machinefile ~/machines ./john --wordlist=password.lst --rules smbpasswd-test

Within 1 second all of the passwords were cracked...

I then realised that attempting to run a pure wordlist attack using the password.lst file against the initial smbpasswd file would in fact not crack any of the passwords successfully at all - and the reason the program appeared to quit for no reason was because it had actually successfully attempted to crack every word within the password.lst file (and 57 various permutations of each word) and had finished without a successful hit!

Mental note: A single opteron processor can crack ~ 4,128,614 LMhashes per second - so a wordlist file with 2290 lines is nothing.