[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 20 Sep 2011 14:21:04 -0500
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: Mac OS X 10.7 Lion password hashes (salted SHA-512)
>From: Solar Designer [mailto:solar@...nwall.com]
>
>On Tue, Sep 20, 2011 at 01:19:07PM -0500, jfoug wrote:
>> I think that is ideal. A standard john tool (lion2john) to
>> double base64 the input file,
>
>I could be wrong, but I think there's no _double_ base64 encoding on
>actual systems. What we see at:
I just went of how one of those links 'read'. It sounded like a double
base-64. The first to decode to the xml file, the second decoded the xml
variable contents. Now, I do not have a mac, so can not test at all to know
what is right/wrong in how I interpreted what I read.
>I think we should omit the dollar sign after the salt, because the salt
>is binary and fixed-length, and because people seem to be already using
>136-hex-character strings. So we'll just prefix those strings with
>$LION$ when we can, and we'll read them without the prefix as well (even
>though this might end up being ambiguous at a later time).
>
>Sounds fine?
That probably would be better, and would give us an easier to deal with
plain hash, for prepare to make 'right'.
Jim.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ
