Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 12 Apr 2006 04:28:19 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: input-format for afs/kerberos4

On Tue, Apr 11, 2006 at 10:55:25AM +0200, thomas springer wrote:
> I'm on my way on puttung together a "john for dummies".
> I put together a bunch of "hashfiles" in every supported format. while
> this "mostly" worked fine, I was not able to guess the correct format
> for AFS/KRB4-Hashes.
> Maybe someone can provide a valid Hash-Format for use with
> john --format:AFS <file> ??

All you needed to do is look inside AFS_fmt.c for the hashes that are
used for self-tests.  Here they are:

static struct fmt_tests tests[] = {
	{"$K4$e35e9294ecef926d,0123", "U*U*U*U*"},
	{"$K4$64c7c2aedccd70d6,0123456789", "U*U***U*"},
	{"$K4$d9e985b36268f168,01234567", "U*U***U"},
	{"$K4$b9615786dfb53297,longcellname", "longpassword"},
	{"$K4$a8dc8aeaa2c48a97,", ""},
	{"$K4$dfda85c7619183a2,XXXXXXXX", "XXXXXXXX"},
	{"$K4$e3e59de6f1d5eaf4,cell", "password355"},
	{"$K4$b02cc24aefbc865b,", "thisisaverylongpassword"},
	{NULL}
};

You can put them into a passwd-like file for use with John, like this:

alter:$K4$e35e9294ecef926d,0123
longone:$K4$b9615786dfb53297,longcellname
null:$K4$a8dc8aeaa2c48a97,
pr0n:$K4$dfda85c7619183a2,XXXXXXXX
xxl:$K4$b02cc24aefbc865b,

A real-world file output by "unafs" will have the same cell name on all
entries, though.

John treats cell names as salts because this reflects the effect they
happen to have on password cracking.  So the above file will appear to
have "4 different salts".

P.S. The preferred syntax for John's command-line options that I
currently use for the documentation is GNU-style - it uses "=" instead
of ":" to separate option names and parameters.  The rationale is that
"=" can usually be typed without Shift, that it is compatible with
filename completion in common Unix shells, and finally that this is the
GNU long options convention which is now widespread.

Thanks,

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ