Date: Sun, 13 Aug 2006 17:38:38 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: practice cracking passwords

I've been asking this before, but I'll repeat for those who have joined
us on this list just recently (welcome!) -

Whenever you post something on a new topic, please be sure to post it as
an entirely new message - _not_ by hitting "Reply" on someone else's
posting.  Please also make sure to set a descriptive message Subject.

If you see that someone else has not followed this procedure, but you'd
like to comment on their message, please change the Subject (like I did
now), but do not break the existing thread (so "Reply" to the message).

On Sun, Aug 13, 2006 at 11:38:15AM +0100, Jack Sparrow wrote:
> can you give me a site where i can practice cracking passwords...

I can interpret your question in a number of different ways, so you
might want to clarify it.

If you are looking for sample password files with hashes to crack, then
you can try the following Google queries:

root "$1$"
99999 7 "-1"
12eMC4Wi9/C9o
"Administrator:500"
134539228
134540332
134540308
134539252
"enable secret 5"

and many others - just be creative.

For those curious, "12eMC4Wi9/C9o" is the first most common password
found on JtR 1.7's password.lst hashed with the traditional crypt(3)
using the password itself as the salt (a fairly common mistake), and the
large numbers are pointer values from uninitialized stack space from
Red Hat Linux 6.x (and similar) systems that used libpwdb.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ