Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 22 Apr 2008 10:39:45 -0400
From: Bill Gurley <gurley@....chem.utk.edu>
To: john-users@...ts.openwall.com
Subject: help with openldap ssha

Greetings:

I've searched the john-users archives on this, and I'm still having 
trouble...

I have a server where authentication is done via openldap.  I want to 
check for weak passwords, so I've been trying to get set up to use john 
to do this.

Openldap uses ssha hashes that are base64-encrypted.  I've managed to 
get around all of that using ldapsearch and some clumsy bash scripting, 
to end up with a file listing of lines like this:

username:{SSHA}K7q2LHSUwhjkpJHkOZQuDoaYNIkdKjBv

That is, each line has a username, followed by a colon, followed by the 
SSHA hash of the password.

I have tried running john on this file, using commands like this:

john --format=ssha test.txt

john --format=nsldap test.txt


I am using john-1.7.2, with this patch:

john-1.7.2-all-12.diff

The patch seems to add support for ssha, although it is for "Netscape 
LDAP SSHA".

So far, I have not been able to get any response other than:

No password hashes loaded


Can someone tell me what I'm doing wrong?  Is my password file format wrong?


Thanks,


-Bill-

---------------------------------
  Bill Gurley, Technical Director
  Department of Chemistry
  Univ. of Tennessee, Knoxville
  865-974-3145


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.