Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 6 Mar 2015 17:28:08 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Generic crypt(3)

Hi,

I tried to crack my password with John the Ripper jumbo. There are two
password
, one is right-format and another one is changed by AFL(American Fuzzy Lop).

right-format one: (there is one line)

 root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
3PPCNP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0:root:/root:/bin/bash

changed one    :(there is one line)

root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
3PP�NP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0::/root:/bin/bash

The right-format one took a lot of time and I canceled. The changed one
took a lot of time too. I think
the changed one is wrong-format. Since there is a character "�" . crypt(3)
man page shows that the
format should be : "$id$salt$encrypted". Also the characters in "salt" and
"encrypted" are draw from
the set [a-zA-Z0-9./];

However, john did not recognize the changed one as wrong-format and tried
to crack it.

My john is downloaded from:  https://github.com/magnumripper/JohnTheRipper

And my compile steps are: ./configure && make -sj8

Is this a bug?

Thank you in advance.

-- 
loverszhaokai
motto:You got a dream and you gotta protect it.
github:https://github.com/loverszhaokai
blog:http://www.cnblogs.com/lovers/

[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ