Date: Thu, 06 Sep 2007 00:58:01 +0200 From: Michal Luczaj <regenrecht@...pl> To: john-users@...ts.openwall.com Subject: Re: Lotus Domino 6 and 7 multiple hash formats... Can JtR crack? Danett song wrote: > <input name="$dspHTTPPassword" type="hidden" > value="(GFmjA4YmP9C05vHn09gI)"> > > Is this format a new format? Not anymore based in RC4? > Can JtR Break this format (with which module and any > link or example?)? I tried Lcrack and Lotus Hash > Breaker WITHOUT sucess. :( Right, this seems to be a typical Domino salted hash. And, yes, there is a patch for John (at least one) to handle those, you can easy find it on the main page of John the Ripper project: http://openwall.com/john/contrib/john-1.6.39-dominosec-3.diff.gz . Or, even better, you can download jumbo patch set (which contains this and many more modules; yet again, available from John's web page... which is http://openwall.com/john/). You might want to search john-users MARC archives (for "domino hash") to find some more details about Domino hashing functions here: http://marc.info/?l=john-users&m=114900803822942&w=2 . Unfortunately, I can not help you with meanings of $dspPasswordDigest and $dspNetUserName although they might represent Domino saltless hashes. Just give it a try (John's format name: lotus5, also in the jumbo pack). Hope it helps, michal -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ