Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 10 Apr 2012 12:01:18 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com, john-users@...ts.openwall.com
Subject: Re: Mac OS X keychains and FileVault

On Mon, Apr 9, 2012 at 11:10 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> On Sat, Apr 7, 2012 at 5:53 PM, Solar Designer <solar@...nwall.com> wrote:
>>> http://www.ucc.asn.au/~matt/src/ - extractkeychain-0.1.tar.gz
>
> I have implement a JtR plug-in for cracking Mac OS X Keychain
> passwords based on extractkeychain-0.1.

There is a bug in the current code which leads to large number of
false positives. The problem is that only checking padding bytes is
not enough to detect wrong passwords. Code to calculate and check
HMACSHA1 check sum needs to be figured out and implemented to get rid
of these false positives. extractkeychain-0.1 too does not implement
this check.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ