Full Disclosure mailing list archives

RE: commerical rainbow crack?

From: "Ian Latter" <Ian.Latter () mq edu au>
Date: Tue, 23 Mar 2004 18:11:59 +1000


Hello Richard,

  I haven't read the whole thread yet, but if this is what you came
to, then there are a couple of other options;

   plJohn
     http://www.hick.org/~johnycsh/code/

  CHAOS
     http://itsecurity.mq.edu.au/chaos/

  plJohn is a perl wrapper for piping one dictionary combo out 
into a swarm of JtR crackers (for an openMosix cluster primarily).
And then CHAOS is a bootable CD implementation of openMosix with
"forkjohn" - a binary version of plJohn that I implemented - to
do the same thing.  Take your closest computer lab and dedicate
the whole thing to the process, and you'll have an audit outcome in
no time (exactly what I built CHAOS in the first place).

  The advantage of this type of usage of JtR, versus systems like
djohn (and a couple of others) is that your don't need to modify the
JtR executable itself -- just pipe what you need around (you could
prolly use your imagination with netcat and get away with using it
without a cluster, if you're looking at something simpler).

  The irony of ironies .. is that *the* password that I wanted to 
audit; I still haven't established the hash-type for, so the primary
purpose has really become moot.


NB: 

  If you're going to end up brute forcing the password, rather than
dictionary-attacking it, then consider Cisilia also;
    http://www.cisiar.org/proyectos/cisilia/home_en.php



----- Original Message -----

From: "Richard Stevens" <richard () tccnet co uk>
To: <full-disclosure () lists netsys com>
Subject:  RE: [Full-disclosure] commerical rainbow crack?
Date: Mon, 22 Mar 2004 21:28:12 -0000

thanks to all for the input., looks like john it is, with a little more patience :)

out of interest, anyone think  a distributed project using john would be useful?  something

like the SETI screen saver thing...

 
 
 
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


--
Ian Latter
Internet and Networking Security Officer
Macquarie University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

commerical rainbow crack? Richard Stevens (Mar 22)
- Re: commerical rainbow crack? Max Valdez (Mar 23)
- <Possible follow-ups>
- RE: commerical rainbow crack? Richard Stevens (Mar 22)
  - Re: commerical rainbow crack? Valdis . Kletnieks (Mar 22)
  - RE: commerical rainbow crack? Luke Scharf (Mar 22)
    - Re: commerical rainbow crack? Valdis . Kletnieks (Mar 22)
  - Re: commerical rainbow crack? sith (Mar 22)
  - Re: commerical rainbow crack? aaron (Mar 23)
- RE: commerical rainbow crack? Richard Stevens (Mar 22)
- Re: commerical rainbow crack? Will Image (Mar 22)
- RE: commerical rainbow crack? Ian Latter (Mar 23)