Today I discovered an annoying problem with the way John the Ripper handled a dictionary attack agains unix md5 password hashes when using a dictionary with passwords longer than 15 characters. It appears that JTR has some sort of internal limit for freebsd md5 passwords that are longer than 15 characters. No mangle rules were applied and I spent far too long looking through the john.conf file and cannot find any reason this happens. Suggestions welcome if this isn't a bug. I'm using backtrack 4R1.

Example:
Password for account "test" is set to "abcdefghijklmnopqrstuvwxyz".

root@bt:~# cat test.pw
test:$1$QLcqPlQr$c5MNoQk9t9EDbf3IdPIbE/:14890:0:99999:7:::
root@bt:~# cat wordlist
abcdefghijklmnopqrstuvwxyz
root@bt:~# cd /pentest/passwords/jtr
root@bt:/pentest/passwords/jtr# ./john --wordlist=/root/wordlist /root/test.pw
Loaded 1 password hash (FreeBSD MD5 [32/32])
guesses: 0 time: 0:00:00:00 100.00% (ETA: Thu Oct 7 22:29:40 2010) c/s: 33.33 trying: abcdefghijklmno