Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 06 Sep 2007 00:58:01 +0200
From: Michal Luczaj <regenrecht@...pl>
To:  john-users@...ts.openwall.com
Subject: Re: Lotus Domino 6 and 7 multiple hash formats... Can
 JtR crack?

Danett song wrote:
> <input name="$dspHTTPPassword" type="hidden"
> value="(GFmjA4YmP9C05vHn09gI)">
>
> Is this format a new format? Not anymore based in RC4?
> Can JtR Break this format (with which module and any
> link or example?)? I tried Lcrack and Lotus Hash
> Breaker WITHOUT sucess. :(

Right, this seems to be a typical Domino salted hash. And, yes, there is
a patch for John (at least one) to handle those, you can easy find it on
the main page of John the Ripper project:
http://openwall.com/john/contrib/john-1.6.39-dominosec-3.diff.gz .

Or, even better, you can download jumbo patch set (which contains this
and many more modules; yet again, available from John's web page...
which is http://openwall.com/john/).

You might want to search john-users MARC archives (for "domino hash") to
find some more details about Domino hashing functions here:
http://marc.info/?l=john-users&m=114900803822942&w=2 .

Unfortunately, I can not help you with meanings of $dspPasswordDigest
and $dspNetUserName although they might represent Domino saltless
hashes. Just give it a try (John's format name: lotus5, also in the
jumbo pack).

Hope it helps,
michal


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ