Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 2 Jun 2005 08:49:15 -0700 (PDT)
From: Fredrick Regnery <>
Subject: Re: using John to crack MD5 password with more than 13 characters

Dear Sir,
I await your response.

Denis Ducamp <> wrote:
On Thu, Jun 02, 2005 at 12:03:33PM -0300, Alceu R. de Freitas Jr. wrote:
> Hello everybody,


> I have an web application that uses MD5 and base64
> encoding to protect users passwords. I would like to
> run john against these passwords and check for weak
> ones.
> There is any way to use John the Ripper to help with
> that?

By default john only knows about "Unix'md5" not raw md5. You have to apply
the raw-md5 patch and try with --format=rawMD5.

The format of the password should be the same as the one from openssl :
$ echo -n bunda | openssl md5

Have fun,



Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ