Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 9 Apr 2006 03:10:38 +0300
From: Ali Polatel <>
Subject: Re: Using John for cracking single hashes

 Thanks a bunch.It works now.What are the avaliable formats that I can use? I couldn't find an exact list of the avaliable formats in the documentation.
 					       Ali Polatel

On Sun, 9 Apr 2006 03:22:04 +0400
Solar Designer <> wrote:

> On Sun, Apr 09, 2006 at 01:37:23AM +0300, Ali Polatel wrote:
> > I wonder if I can use john to crack single hashes that I have.
> Yes, you can.
> > For example I have the MD5 hash 5d41402abc4b2a76b9719d911017c592 which is 'hello' and I want to crack it with john.
> You should place it in a file like this:
> fakeusername:5d41402abc4b2a76b9719d911017c592
> Then you need to use a build of John with either the contributed raw MD5
> support patch or the jumbo patch.  (The official John does not support
> raw MD5 hashes.)  You run it like this:
> 	john --format=raw-md5 pw
> where "pw" is your filename.  This gives:
> $ ./john --format=raw-md5 pw
> Loaded 1 password hash (Raw MD5 [raw-md5])
> hello            (fakeusername)
> guesses: 1  time: 0:00:00:00 100% (2)  c/s: 19850  trying: hello
> > I have tried but couldn't make it work. I have put it in a file and ran john file first , it couldn't load any hash. Then I have put it in the format user:hash to the file and ran john file again .This time john said :
> >  Loaded 2 password hashes with no different salts (NT LM DES [32/32 BS])
> > 
> > which is weird too.
> You were really close to getting it to work.  The only remaining
> problems were the fact that John lacks raw MD5 support (except with
> contributed patches) and that hex-encoded raw MD5 hashes look exactly
> the same as PWDUMP'ed LM hashes, so John can't distinguish the two.
> > Adding the --single option didn't change anything.
> Indeed - it is completely irrelevant to your problem.  You might want to
> read the documentation.
> -- 
> Alexander Peslyak <solar at>
> GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
> - bringing security into open computing environments
> Was I helpful?  Please give your feedback here:
> -- 
> To unsubscribe, e-mail and reply
> to the automated confirmation request that will be sent to you.

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ