Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 28 Jul 2010 11:18:52 -0400
From: "Robert Harris" <rs904c@...scape.net>
To: <john-users@...ts.openwall.com>
Subject: RE: HMAC-MD5, SMTP AUTH CRAM-MD5

John-Users,

I just compiled and uploaded JtR 1.7.6 with both the jumbo 6 and the
MSCHAPv2 patches for windows and linux.

See http://openwall.info/wiki/john/custom-builds for further details.

Enjoy

-Robert Harris

-----Original Message-----
From: Solar Designer [mailto:solar@...nwall.com] 
Sent: Tuesday, July 27, 2010 4:33 PM
To: john-users@...ts.openwall.com
Subject: [john-users] HMAC-MD5, SMTP AUTH CRAM-MD5

Simon, all -

Today I happened to use the HMAC-MD5 "format" - hmacMD5_fmt.c (in the jumbo
patch) contributed by Simon - to see if a spammer had found and used a weak
password (and this proved to be the case, although indeed I can't rule out
the possibility that the password leaked from the user's computer rather
than was cracked remotely).  While doing this, I ran into and fixed a bug in
hmacMD5_fmt.c.  The fix is included in john-1.7.6-jumbo-6, which I've just
released, and I've also attached just the fix (against 1.7.6-jumbo-5) to
this message.

http://www.openwall.com/john/#contrib

Here's how to crack/check/audit SMTP's AUTH CRAM-MD5 exchanges with this:

Capture an SMTP session with a sniffer.  You need traffic in both
directions.  The client will send the "AUTH CRAM-MD5" command, the server
will respond with a base64-encoded challenge, and the client will similarly
provide a base64-encoded response.  You need the challenge and the response.

base64-decode the challenge and the response, e.g. using "base64 -d"
(from GNU coreutils) or "openssl base64 -d".  The decoded challenge will
typically look like:

<12345.1234567890@...ver.example.org>

(where the numbers are typically a Unix process ID and a Unix timestamp).

The decoded response will look like:

username 01234567890123456789012345678901

The second field of it is a hex-encoded MD5 digest value (yes, it was
encoded twice).

Then construct a line usable by JtR:

username:<12345.1234567890@...ver.example.org>#01234567890123456789012345678
901

and simply run "john" on the file (no options are needed, the "format"
should be autodetected).

The above line is loaded just fine by john-1.7.6-jumbo-6 for me, but indeed
the password is not expected to be cracked because I did not post a real C/R
pair - sorry, the one I was dealing with in practice is still valid and is
otherwise security-sensitive.  Maybe someone else will post a real-world
example.

As usual, it is possible to have multiple lines like this in the same file.
This only makes sense for different target accounts (there's usually no
point in attacking different C/R pairs for the same account).

I hope someone will find this helpful.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.