[Beowulf] Password mining

Chris Samuel chris at csamuel.org
Fri Feb 1 21:23:02 PST 2019


On Saturday, 2 February 2019 11:42:26 AM AEDT Robert G. Brown wrote:

> There is an ancient Unix/Linux application called "crack" (it's still in
> at least Fedora, if not all the rest).  At this point it is usually used
> by sysadmins to run on their password file to detect terrible passwords
> when users pick easily crackable ones.

Well that's why Alec wrote it when he was at Aberystwyth, to try and find 
users with weak passwords. :-)

> One part of the (rather
> intelligent -- written by generations of mostly-white hat wizards)
> program checks for common passwords, unchanged passwords (like
> changeme), and then runs the entire dictionary(s) with all reasonable
> permutations of things like S -> 5, E -> 3, L -> 1.

Yeah, Crack has a rule based system to express all the types of munging you 
would want to try, as well as the ability to add dictionaries and split the 
run up over multiple machines.

ObHPC: the "John the Ripper" password cracker includes GPU support, at
${JOB-3} one of our HPC sysadmins was running it there to check our users 
passwords. We found that the OpenCL version was (then) faster than the 
straight CUDA version.

All the best,
Chris
-- 
  Chris Samuel  :  http://www.csamuel.org/  :  Berkeley, CA, USA





More information about the Beowulf mailing list