Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 2 Jun 2005 08:47:20 -0700 (PDT)
From: Fredrick Regnery <fwregnery@...oo.com>
To: john-users@...ts.openwall.com
Subject: Re: using John to crack MD5 password with more than 13 characters

dear Alceu,
Thank you.I await your reply .mon_hl@...mail.com
Regards,
Fred

"Alceu R. de Freitas Jr." <glasswalk3r@...oo.com.br> wrote:
Hello everybody,

I have an web application that uses MD5 and base64
encoding to protect users passwords. I would like to
run john against these passwords and check for weak
ones.

The problem is, when I try to simulate something like
the Linux shadow file, john complains that no password
was loaded.

I decided to make some testing using Perl:

C:\Documents and Settings\br04196>perl -MDigest::MD5
-e "$ctx=Digest::MD5->new;
$ctx->add('bunda'); print $ctx->b64digest"
VbDIbtdTJqQrekjD+/Z7rw

Then I created a new file with:

smithj:VbDIbtdTJqQrekjD+/Z7rw:10063:0:99999:7:::

It didn't work either. I tried using "hexdigest" and
"digest" from the same module, with the same result.

There is any way to use John the Ripper to help with
that?

Thanks,


__________________________________________________
Converse com seus amigos em tempo real com o Yahoo! Messenger 
http://br.download.yahoo.com/messenger/ 

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ