Date: Wed, 20 Jan 2010 19:41:47 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: john 1.4.2 with jumbo patch 1 - lm hash problem

On Wed, Jan 20, 2010 at 09:43:24AM -0600, Greg White wrote:
> >> Administrator:500:CEEB0FA9F240C200417EAF40CFAC29C3:D280553F0103F2E643406517296E7582:::
[...]
> > Well, you made a typo in the LM hash. With it corrected to
> > CEEB0FA9F240C200417EAF50CFAC29C3 (the correct hash for "TESTTEST"), it
> > gets cracked just fine.
>
> That is odd. It is the same hash file I have used for years and john always cracked it. I will double check my files when I get home.
[...]
> I was using john 1.7.3.1 for the last year or so.

Well, I've just tried cracking your file, the way you posted it (with
the typo) using a linux-x86-mmx build of 1.7.3.1-all-6 on a P3. I can't
confirm the problem: this older version similarly does not crack the
last "T" unless the typo is corrected.

> I am using BT4 Final and most of the other utilities I run require root privileges.

Understood.

> On my production Linux systems I always login as a user and sudo or su when needed.

This is commonly regarded as a security best practice, but it is not
necessarily such a great idea. Not abusing root does not imply that you
have to login as a user and then su or sudo, which has its own added
security risks. You could want to see:

http://www.openwall.com/lists/owl-users/2004/10/20/6
http://blueroomhosting.com/help/tutorials/ssh-security.pxl
(scroll down to "Direct root login considerations")

Summary: when accessing remote systems, use separate direct logins as
non-root and as root-privileged accounts (as necessary), don't use
su/sudo to elevate privileges.

This is getting off-topic, though, so no follow-ups to this part of the
message on this list, please. ;-)

Alexander
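
Added example, not part of the original message and not John the Ripper code: a short Python check that parses the posted pwdump-style line and compares its LM hash with the corrected one, half by half. It shows why only the last "T" is affected: LM hashes password characters 1-7 and 8-14 separately, and the typo falls in the second half. The function names are hypothetical; both hash values are the ones quoted in the message.

```python
import re

HEX32 = re.compile(r"[0-9A-Fa-f]{32}")

def parse_pwdump(line):
    """Parse a pwdump-style line: user:rid:LM:NT:::"""
    fields = line.strip().split(":")
    if len(fields) < 4:
        raise ValueError("expected user:rid:LM:NT")
    user, rid, lm, nt = fields[:4]
    for name, value in (("LM", lm), ("NT", nt)):
        if not HEX32.fullmatch(value):
            raise ValueError(f"{name} hash is not 32 hex digits")
    return {"user": user, "rid": rid, "lm": lm.upper(), "nt": nt.upper()}

def diff_lm(posted, reference):
    """Compare two LM hashes half by half.

    LM uppercases the password, pads it to 14 characters and hashes
    characters 1-7 and 8-14 separately, so each 16-hex-digit half of
    the hash covers one 7-character half of the password.
    """
    report = []
    for half, start, chars in ((1, 0, "1-7"), (2, 16, "8-14")):
        offsets = [i for i in range(start, start + 16)
                   if posted[i] != reference[i]]
        report.append({"half": half, "password_chars": chars,
                       "matches": not offsets, "diff_offsets": offsets})
    return report

# Both values below are copied from the message above.
POSTED_LINE = ("Administrator:500:CEEB0FA9F240C200417EAF40CFAC29C3:"
               "D280553F0103F2E643406517296E7582:::")
REFERENCE_LM = "CEEB0FA9F240C200417EAF50CFAC29C3"  # LM hash for "TESTTEST"

def check_posted_line():
    # Parsing succeeds: the typo is still a valid hex digit, so a format
    # check alone cannot catch it; only the comparison below does.
    entry = parse_pwdump(POSTED_LINE)
    return entry, diff_lm(entry["lm"], REFERENCE_LM)

if __name__ == "__main__":
    entry, report = check_posted_line()
    for r in report:
        state = ("matches" if r["matches"]
                 else f"differs at hex offsets {r['diff_offsets']}")
        print(f"{entry['user']}: LM half {r['half']} "
              f"(password chars {r['password_chars']}) {state}")
```

Hex offsets are counted from 0 across the full 32-digit LM hash.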