Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 4 Jan 2013 00:53:03 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Cracking Mountain Lion hashes (WIP)

I found a sample hash at http://hashcat.net/forum/thread-1687.html,

[quote]
Dave Grohl updated his tool for this already. Here's a real life test hash from my MBP. the password is password

localhost:DaveGrohl 2 root# ./dave -S testuser
{
"SALTED-SHA512-PBKDF2" = {
entropy = <86d96abf 4469ed87 87360683 b4e136ef 4264399f bc63040b 1bce9c2c b336a5b9 89b0c626 db57a0ae becadf83 f0d72a59 da0611e0 5c1acbe7 5a2336b6 4afe52be 571bcbae 3ad0dfb1 b4a2abab 68271dc0 04255706 ba0785e1 62528154 e014d24a b0e415b8 bc7b2673 e54c0e1c 530f2947 49947603 181721b2 c00fc69a d2d661eb>;
iterations = 37174;
salt = <455997a0 ed47c93f 71185631 be3a8968 2a924aaa 397df48a 75bdc044 1fa3fc9b>;
};
}

localhost:DaveGrohl 2 root# ./dave -j testuser

testuser:$ml$37174$455997a0ed47c93f71185631be3a89682a924aaa397df48a75bdc0441fa3fc9b$86d96abf4469ed8787360683b4e136ef4264399fbc63040b1bce9c2cb336a5b989b0c626db57a0aebecadf83f0d72a59da0611e05c1acbe75a2336b64afe52be571bcbae3ad0dfb1b4a2abab68271dc004255706ba0785e162528154e014d24ab0e415b8bc7b2673e54c0e1c530f294749947603181721b2c00fc69ad2d661eb
[/quote]

I tried reformatting the tag and salt delimiter but the pbkdf2-hmac-sha512 format wont load it. It seems to be longer than our test vectors. Anyone know what is wrong?

magnum


On 10 Sep, 2012, at 20:30 , Lukas Odzioba <lukas.odzioba@...il.com> wrote:

> 2012/9/10 Lukas Odzioba <lukas.odzioba@...il.com>:
>> My opinion is following:
>> 1) we should have format named "pbkdf2-sha512" in cpu, opencl and cuda versions
>> 2) this format should accept possible common ciphertexts formats
>> (simple modifications to valid() and salt() for every ciphertext
>> format) - for now it should accept grub in it's native form ans
>> "pbkdf2-sha512$...."
>> 3) we do not want fixed salt length's
> 
> 4) user or uid encoded in $ml$ format  +1 from me
> 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.