Believe it or not, I am not a hacker.... I have an account on yahoo that is mine, but i forgot the password to. It have very valuable pictures on it, and I really wont them back, can you please help me? I have not clue what u r talkin about in those emails, so could you please explain in easier terms please? I really wont those pictires back. PLEASE?


P.S. I AM NOT A HACKER AND NEVER WILL BE, I HATE HACKER THEY CAUSE TOO MANY PROBLEMS SO WILL YOU PLEASE HELP ME?????
THANK YOU
It is not clear to me why you had to do that on your own. You could
have simply downloaded this:

ftp://ftp.openwall.com/pub/wordlists/all.gz

or you could have purchased it and more on CD:

http://www.openwall.com/wordlists/
That way you've likely made the hashes per salt ratio worse for all 4
instances, thereby decreasing the effective c/s rate.

How many password hashes did you have in your full password file (the
halves, the way John reports them on load)? If it's under 1000, then
the hit of using this approach is not that bad. However, if you had,
say, 10,000+ of them, then there may be no gain from running this on 4
CPUs like that (as opposed to using just one CPU) - and you need to use
a better approach (see below).

Basically, you need to add up the numbers of different salts as reported
by your four instances of John and compare that against the number of
different salts that one instance of John would report when run on the
original password file. If these numbers are close, you're fine. If
there's a substantial difference, that is how much processing power
you're wasting by using this approach.
You did not need to use different directories. They can share the same
john.pot just fine - this is a feature. You merely needed to supply
different session names.
Do you mean, you've changed the "Wordlist = ..." in john.conf, then ran
the 4 instances with no options (for batch mode)? OK, that would
explain why you needed different directories.
No - see above about the hashes per salt ratio.
1. You need to run "single crack" on all of your accounts at once. John
might crack more passwords this way.

./john -single passwd

2. It is unimportant whether or not you distribute wordlist-based
cracking over all of your CPUs. However, if you do, you may want to
split the wordlist into 4 parts and not split the password file. Rather
than use 4 separate directories, you'd run:

./john -se=w1 -w=words1.lst -rules passwd
./john -se=w2 -w=words2.lst -rules passwd
./john -se=w3 -w=words3.lst -rules passwd
./john -se=w4 -w=words4.lst -rules passwd

(on four different terminals - or simply background the commands and
logout).

3. Once you're done with the wordlists, proceed with "incremental" mode
as I had suggested in my previous response (have different instances try
different password lengths).

Of course, you can script these three steps.

4. Set "Idle = Y" in john.conf.

5. Oh, and you should be using John 1.6.38 (development) - or whatever
version is current - for best performance.
It is unrealistic that John would crack a password "wrongly". More
likely, the system has other measures preventing access to those
accounts, like account or password expiration. It is also possible that
another password database is being consulted at login time, not the
password file which you've grabbed.
--
Alexander Peslyak
GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful? Please give your feedback here: http://rate.affero.net/solar

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

There is an easier and more flexible way to parallelize step 2 and 3
at least if your OS (and your filesystem) supports named pipes (probably
any flavor of Un*x).

You can simply create a named pipe (Linux: "mkfifo johnpipe")
and let one instance of john write the password candidates into:
Step 2:
john --stdout -w=words.lst -rules > johnpipe
Step 3:
john --stdout -inc > johnpipe

Then you can create an arbitrary number of real cracking sessions which
read the candidates from the pipe:
./john -se=w1 --stdin passwd < johnpipe
./john -se=w2 --stdin passwd < johnpipe
...

That's it. No hacks, no patches not even a change to the configuration files.

A further advantage of this approach is that you can dynamically add
and remove sessions just by aborting / starting them and you don't
have to care how to split the password range. Additionally if you
are using nfs the single john sessions donot even need to run
on the same computer. They simply need the same filesystem.

One remark:
The candidate creation instance of john will use almost no computing time
so you can savely start it together with four real crackers on a 4CPU system
(I started it once with 12 "clients" and it had about 5% cpu load on a 1GHz
machine)

Yours,
Michael

P.S: I did not invent this method, but I forgot where I read this first.

Breaking the password file apart randomly causes duplicate salts to be used
across the password files, but what if you broke the password file apart
based upon salt?

Then for every salt, there would only be 1 set of passwords still. right?

Another thing I am wondering about is how does John crack partial passwords?
Many passwords have just two or three characters cracked. However I thought
that with a hash, the output varies widely depending on the input. This
should means that you can not just try words and see if some of the
characters match up. Since this is obviously not the case (unless I am
missing something), how is it possible to find these partial passwords?


Thanks!

Stephen