Date: Fri, 26 May 2006 21:48:53 +0200 From: "websiteaccess@...il.com" <websiteaccess@...il.com> To: john-users@...ts.openwall.com Subject: Re: how decrypt that ? Le Fri, 26 May 2006 21:11:44 +0400, Solar Designer a écrit: > On Fri, May 26, 2006 at 10:17:35AM +0200, websiteaccess@...il.com wrote: >> How decrypt "30a5f49ccefde0a213536bf2d7d5300d" with AD ? > > Strictly speaking, John the Ripper does not "decrypt" anything - rather, > it cracks password hashes by finding suitable plaintext passwords. your are right :) > > The above encoding could correspond to one of many different hash types - > or it could be not a hash at all, indeed. There are several hash types > that John the Ripper with the jumbo patch supports that would use a hash > encoding like the above, so you have to find out (or guess) and specify > the hash type explicitly. The likely guess is that this is hex-encoded > raw MD5 - because it is so popular with web forums, etc. > > So we place this in a file of the correct format, like this: > > user:30a5f49ccefde0a213536bf2d7d5300d > > Then we run jumbo patched John on the file, assuming that "pw" is the > filename: > > ./john --format=raw-md5 pw > > After a minute or so, we get: > > nermad (user) > > So the password is "nermad". Later, we can do: > > ./john --show --format=raw-md5 pw > > to retrieve the previously cracked password, which obviously gives: > > user:nermad > > 1 password hash cracked, 0 left > thanks you very much, very usefull help.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ