Date: Mon, 10 Nov 2008 10:22:03 +0100 From: Simon Marechal <simon@...quise.net> To: john-users@...ts.openwall.com Subject: Re: MD5 cracking - finding out substring JoHnY wrote: > Hello all, > > I have a problem which someone might be able to help me with. > First let me explain what I am trying to acomplish. > I have an MD5 hash of 52-character string (generated by PHP's md5() function), most of the string is known to me, the only parts of the string which are unknown and thus I am trying to find out, are just two substrings, one 4-character long substring at one position of the string and one 3-character long substring at another position (both positions are fixed), both substrings containing just numbers, so theoretically it's a very easy and quick job for john. > Now, what is the problem and what I want to find out. > I have patched john with Raw-MD5 patch, compiled john, Raw-MD5 works fine. First question is, is Raw-MD5 correct for cracking MD5 from within PHP's md5() function? I assume it is, but just want to make sure. > I have put the known part of the string to the wordlist (so it is the only string in the wordlist) and created a wordlist rule to insert digits at the position of the unknown parts of the string. The rule looks like this: > li2[0-9]li3[0-9]li4[0-9]li5[0-9] li7[0-9]li8[0-9]li9[0-9] > Everything would be fine up to this point, but the problem is that john somehow can't handle more than 32-character passwords (or the Raw-MD5 patch can't), so the 52-character long string gets cut I have tried to increase the PLAINTEXT_LENGTH define in rawMD5_fmt.c, but it didn't help. > However, what's strange to me, is that when I run john with --stdout option so that it only outputs all passwords to be tried to standard output, it prints the whole 52-character strings, but when I let him crack it, it cuts the passwords he tries to 32 bytes (when I abort john, it outputs the last tried password and it's cut to 32 characters) > Does anyone know how what to change in john's sources to be able to try the string longer than 32 characters? Hello, the raw-md5 is indeed the right patch. You might want to alter rawMD5_fmt.c, and change the PLAINTEXT_LENGTH parameter, then recompile. However I believe it would be faster to do it in php, as there are only 10^7 possibilities. -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ