Here is file "with passwords" which I've created and my file with "words": $ echo -n cool | md5sum b1f4f9a523e36fd969f4573e25af4540 - $ cat md5_3 user:b1f4f9a523e36fd969f4573e25af4540 $ grep '^cool$' words_c1 cool $ wc words_c1 92151 92151 914294 words_c1 $ john --wordlist=words_c1 --format=raw-md5 md5_3 Loaded 1 password hash (Raw MD5 [raw-md5 MMX]) guesses: 0 time: 0:00:00:00 100% c/s: 11518M trying: coola Then I delete first word from my wordlist file and try again: powerman@home ~/tmp/hack/hack4u $ wc words_c1 92150 92150 914259 words_c1 $ john --wordlist=words_c1 --format=raw-md5 md5_3 Loaded 1 password hash (Raw MD5 [raw-md5 MMX]) cool (user) guesses: 1 time: 0:00:00:00 100% c/s: 10238M trying: cookys - cool Also I found it's enough to delete last 3 chars "etz" from first word in this file instead of deleting first word. I'll attach gzip'd version of words_c1 to this report.
Created attachment 86521 [details] wordlist This is minimal version of wordlist which has this bug.
I just got reply from patch author: ---cut--- From: bartavelle <bartavelle@bandecon.com> To: Alex Efros <powerman@powerman.asdfGroup.com> Subject: Re: johntheripper-1.6.40 skip words from wordlist yes this is a bug i found and forgot to advertise, because i mainly use btb now :( you should change: memset(saved_key, 0, PLAINTEXT_LENGTH*MMX_COEF); by memset(saved_key, 0, sizeof(saved_key)); The same bug could also be in sha1 and md4 stuff i made. In doubt you can always use the latest tree, where i fix bugs as soon a i find them (http://www.bandecon.net/misc/myjohn.tgz). It is not suited for inclusion into a distribution, but you'll find there AMD64 support for md5 (20% speedup approx.). ---cut---
Should now be fixed in CVS. Thanks