Date: Fri, 1 Jul 2005 17:23:09 +0000 (UTC)
From: Ikari <deug1a@...oo.fr>
To: john-users@...ts.openwall.com
Subject: Re: understanding the encryption method

Lyn Scott <lindey_scott@...> writes:

> Hi all,
>
> I have an OpenUnix 8.0.0 box and I am trying to check
> the /etc/shadow. I have a user (e.g. something like
> this: user_1:ThnJx./KPgulI), so am I right if I suppose
> that crypt/DES is used ('cause the string is 13 chars
> long, with Th as my salt)? When I check the john.pot it
> gives me a result for my user_1 (e.g. my_passw). But
> my real password for user_1 is not my_passw but
> my_passwd. So how can you use john for passwords longer
> than 8 chars (using crypt/DES)?
> I have another question... I have another Linux box
> (Suse9.2). The /etc/shadow is encrypted using BlowFish.
> How can I recognize if the password is encrypted using
> BlowFish or DES?
>
> thx in advance

Hello,

Concerning your first question: generally, old systems like the OpenUnix you're quoting use the old DES encryption scheme, which limits the size of the password to 8 characters. So even if you enter a 15-char-long password, it will automatically be truncated to 8 chars by the system and only those 8 chars are then encrypted. So don't worry, john has found the right password. Anyway, to go further on this question: on systems using schemes like MD5, blowfish... passwords can be longer, and to tell john to go beyond 8 chars you'll have to modify one or more sections of john.ini to set the max password length not to 8 but to whatever you want. Anyway, I don't think you'll find a password longer than 8 unless you know part of it...

Concerning your second question: when you supply the password file to john, it should automatically tell you which crypt scheme has been used. Furthermore, to distinguish DES from Blowfish: blowfish-encrypted passwords are generally a very long string with one or several $ at the beginning of this string.

I hope this answer helps you.

See you.

Ikari.
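The format check discussed in this thread, as an added example that is not part of the original post and is not John the Ripper's own detection code: a small Python classifier that reads shadow-style lines and reports the scheme, the salt, and how many password bytes the scheme actually uses. It goes beyond the two schemes in the thread by also recognising the `$1$`, `$5$` and `$6$` prefixes; the `user_2` and `user_3` hashes are constructed placeholders, and only the `user_1` entry comes from the question.

```python
import re

DES_RE = re.compile(r"[./0-9A-Za-z]{13}")  # 2-char salt + 11-char hash
BCRYPT_RE = re.compile(r"\$2[abxy]?\$\d\d\$[./0-9A-Za-z]{53}")
MODULAR = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt"}

def classify(field):
    """Return (scheme, salt, significant_password_bytes or None)."""
    if not field or field == "x" or field[0] in "!*":
        return ("locked-or-empty", None, None)
    if BCRYPT_RE.fullmatch(field):
        # $2a$<cost>$<22-char salt><31-char hash>; bcrypt ignores input past 72 bytes
        return ("bcrypt", field.split("$")[3][:22], 72)
    if field.startswith("$"):
        parts = field.split("$")
        if len(parts) >= 4 and parts[1] in MODULAR:
            has_rounds = parts[2].startswith("rounds=") and len(parts) >= 5
            return (MODULAR[parts[1]], parts[3] if has_rounds else parts[2], None)
        return ("unknown", None, None)
    if DES_RE.fullmatch(field):
        # Traditional DES crypt: only the first 8 characters are hashed
        return ("descrypt", field[:2], 8)
    return ("unknown", None, None)

def audit(shadow_text):
    """Map each user in shadow-style text to its classification."""
    results = {}
    for line in shadow_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        user, field = line.split(":")[:2]
        results[user] = classify(field)
    return results

SAMPLE = "\n".join([
    "user_1:ThnJx./KPgulI",  # entry quoted in the question
    # constructed placeholder hashes, valid in shape only:
    "user_2:$2a$10$" + "abcdefghijklmnopqrstuv" + "A" * 31 + ":12965:0:99999:7:::",
    "user_3:$1$saltsalt$" + "B" * 22 + ":12965:0:99999:7:::",
    "daemon:*:12965:0:99999:7:::",
])

if __name__ == "__main__":
    for user, (scheme, salt, limit) in audit(SAMPLE).items():
        note = f"only first {limit} bytes used" if limit else "no short truncation"
        print(f"{user:8} {scheme:16} salt={salt} ({note})")
```

Any account reported as `descrypt` has an effective password length of 8 regardless of what the user typed, which is the behaviour seen with `my_passw` versus `my_passwd` above.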