Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 18 Dec 2009 11:31:44 -0600
From: "Jim" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: JTR and format md5_gen

From: SL [mailto:auditor@...chat.de] 

>md5_gen(7) is md5(md5($p).$s) with a fixed 3-byte salt, if I remember  
>correctly (Jim?).
>For any other md5(md5($p).$s) hash, you should use md5_gen(6).

md5_gen(6) and md5_gen(7) are the same thing, however, the md5_gen(7) 
adds a couple of extra 'validations' when parsing an input line:

First, it stipulates that the salt MUST be 3 and only 3 characters
(shorter or longer will NOT be loaded).  

Second, it will FORCE you to use a different separator char, since
the ':' IS a valid salt character in vBulletin hash/salt pairs, 
and you WILL see them all the time for normal input.

But other than those 2 extra validations, 6 and 7 are the same. You
can use md5_gen(6) to crack vbulletin hashes just fine.  It simply
will not 'hold your hand' validating that salts are 3 bytes, and that
you are properly splitting up the fields.

>IPB2 uses md5(md5($s).md5($p))), so you'd want to use md5_gen(12).
>
>Same procedure as before:
>user[tab]md5_gen(12)HASH$salt
>
>* TAB is field separator
>* $ is salt separator
>* md5_gen(12) is hash type identifier

The only time you 'have' to use a character other than the 'default' 
: as a line separator, is IF the format (the hash, or the salt, or the
user names, or other gecos fields) contain ':' characters.  That is WHY
I added the ability to set it to something else.  You can ALWAYS use a
different separator character and things 'will' work, but there is no
reason you 'have' to use a different character.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.