Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 10 Apr 2012 12:01:18 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com, john-users@...ts.openwall.com
Subject: Re: Mac OS X keychains and FileVault

On Mon, Apr 9, 2012 at 11:10 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> On Sat, Apr 7, 2012 at 5:53 PM, Solar Designer <solar@...nwall.com> wrote:
>>> http://www.ucc.asn.au/~matt/src/ - extractkeychain-0.1.tar.gz
>
> I have implement a JtR plug-in for cracking Mac OS X Keychain
> passwords based on extractkeychain-0.1.

There is a bug in the current code which leads to large number of
false positives. The problem is that only checking padding bytes is
not enough to detect wrong passwords. Code to calculate and check
HMACSHA1 check sum needs to be figured out and implemented to get rid
of these false positives. extractkeychain-0.1 too does not implement
this check.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.