
I have been able to crack passwords, given their salts and their hashes, by using brute force.

In the first place, the length of passwords was 3 and the salt length 2:

e.g., hash: rrVo/xC.s5/hQ, salt: rr => password: thr (time: ~0m4.579s)

Now, for passwords of length 4 and salt length 2:

e.g., hash: ss1C5xfz6Nggg, salt: ss => password: four (time: ~7m19.531s)

As I have said, these passwords were obtained using a brute force algorithm. It is useful for short password lengths: as the number of characters in the password increases, the required time to break the password grows exponentially.

What I want to know is a more efficient technique to reduce the search space.

Additional info:

a) Passwords are created using: A-Z, a-z, 0-9, and symbols: $, #, +, @, =, /, &

b) I have been using the openssl command to generate the hashes and compared them to the given hash

$ openssl passwd -crypt -salt rr thr 

in a bash script.

InfZero

How to crack a password given its hash and its salt using a more efficient method than brute force?
