Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 10 Sep 2012 03:20:10 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: john-dev@...ts.openwall.com
Subject: Re: Cracking Mountain Lion hashes (WIP)

On 2012-09-08 15:38, Dhiru Kholia wrote:
> On Sat, Sep 8, 2012 at 12:08 AM, Lukas Odzioba <lukas.odzioba@...il.com> wrote:
>> 2012/9/7 Dhiru Kholia <dhiru.kholia@...il.com>:
>>>> Now we have test vector so making patch for it will be easy.
>>>> I'll send it within an hour. Hopefully JtR will be first 10.8 password cracker:)
>>>
>>> Cool. Let me know if you need more test vectors. I can generate them tomorrow.
>>
>> Can you make changes to ml2john.py so it will out ciphertext
>> exctracted from shadowhash field?
> 
> Done. ml2john.py is now committed to magnum-jumbo.

IMHO it's better to document script's origin earlier than later. Where
it came from, copyrights, licenses...

> Sample Output: lulu.plist:$ml$23923$c3fa2e153466f7619286024fe7d812d0a8ae836295f84b9133ccc65456519fc3$ccb903ee691ade6d5dee9b3c6931ebed6ddbb1348f1b26c21add8ba0d45f27e61e97c0b80d9a18020944bb78f1ebda6fdd79c5cf08a12c80522caf987c287b6d
> 
> Format : filename:$ml$iterations$salt$hash

Isn't it better to print user name in the first field as usually done in
other formats?

-- 
Alexander Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ