Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 10 Jan 2013 02:11:32 +0000
From: shane Shane <shane@...twareontheside.info>
To: john-dev@...ts.openwall.com
Subject: Re: npdf2john

You need root even when looking at the file system from eclipse or adb
shell to get the local data but if you clear the local cache and then
choose to store on sd card and login in again it will store on the sd card
so you can grab the data. Here is some sample data from my droid, with a
fake lastpass account.
Email:test@...twareontheside.info
Password:testtest

http://ubuntuone.com/6aOO2QeuN5ZIDU8z0y3Oss

On Wed, Jan 9, 2013 at 9:32 PM, shane Shane <shane@...twareontheside.info>wrote:

> Yeah I think you can do it with developer mode enabled from eclipse. If
> you go into the DDMS view in eclipse. I'll have a little look at it tonight.
>
> On Wed, Jan 9, 2013 at 6:58 PM, Milen Rangelov <gat3way@...il.com> wrote:
>
>> Thanks for those!
>>
>> I can now confirm that LastPass Chrome and Opera work the same way on
>> Windows/Linux/OSX. I also tried to analyze Android's implementation, but
>> apparently it does not keep profile data (just the encrypted XML file which
>> contains URLs/passwords) on the SD card even if "store on SD card" option
>> is enabled. Maybe that's a stupid question not asked on the right place,
>> but does anyone know a way to access the Android phone's internal memory
>> filesystem other than rooting it?
>>
>>
>>
>> On Fri, Jan 4, 2013 at 9:38 PM, Rich Rumble <richrumble@...il.com> wrote:
>>
>>> On Fri, Jan 4, 2013 at 10:21 AM, shane Shane
>>> <shane@...twareontheside.info> wrote:
>>> > I don't mind looking into the LastPass on windows. I'm usually a Linux
>>> guy
>>> > but I have a box I dual boot at home but I'll have to talk to my
>>> supervisor
>>> > for my 4th year project first. I want to help out with john's
>>> development
>>> > but I want to make sure I'm getting academic credit for it and at the
>>> moment
>>> > the scope of the project is only to do with distributed document
>>> cracking.
>>> I've added about 8 files (in one zip)for win32 Lastpass with a
>>> Readme.txt further explaining what each file is, but the filenames
>>> should be very clear on what they are.
>>> http://openwall.info/wiki/john/sample-non-hashes#LastPass
>>>
>>> For example:
>>> LP_win32_ff_500_password12345678.xml
>>> Lastpass, windows, firefox, 500 iterations, password12345678. The
>>> email/username if needed is also included in the readme.
>>> I've also exported the sqlite 3 chrome files to plain-text SQL files
>>> if that helps anyone.
>>> -rich
>>>
>>
>>
>

[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ