Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 4 Dec 2006 06:07:49 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: HASH and IBF format

On Sun, Dec 03, 2006 at 03:57:44PM +0100, websiteaccess wrote:
>  usually I use ./john -format=raw-md5 -w:mydict hash.txt for crack HASH 
> from board/forum
> 
>  I don't understand, I have two differents hashes from 2 differents 
> forum, these hashes are differents (but same length, 32 letters/digits),
>  I'm sure it's the same password for both (because I can login in the 2 
> boards).
> 
>  In 1 case JTR crack it, and do not in the other case.

This means that one hash is in fact raw MD5 and the other is not.

>  The uncrackable come from an "IBF" forum.
> 
>  Is there a special syntax to crack HASHES from ibf database ?

As xnix has pointed out, this is Invision Power Board.

The current jumbo patch for JtR is meant to add support for these
hashes, but you also need to extract the salts (they're stored in a
separate database field) and create an input file of the appropriate
format.  Please refer to comments at the top of IPB2_fmt.c (a file added
by the patch) for information on that.  You do not need to specify a
--format option for these hashes; the important thing is to have a file
of the correct format, then it will be auto-detected.

Please don't forget to let all of us know if that's worked for you.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ