Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 20 Apr 2012 16:43:25 -0500
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: Re: Extract the cracked pass from John.pot

>> $1$10407469$8SlB7veJpGYOpG.avnRgT.:7jeJCek5H3xi2
>> $1$HVL$YkjOda0UYVfukIa.neSJd0:7jeJCek5H3xi2
>> $1$PRN$PxPp5PQ7nz5kgpGmztuuj.:7jeJCek5H3xi2
>>
>> Ouchhhh !! so that mean they are no DES but Plain cracked Pass !!
>that's right ?
>
>Well it does seem so but I am yet to confirm them (maybe later). That
>would be a freaking b@...rd of a plaintext to crack for crypt-md5
>though, you must have done something very right or you were extremely
>lucky. Or something else :)

Looks like conversion of some uninitialized pointer or something.  NOTE, the
'pw' is exactly the same for every line.  Looks very busted to me.

This is why I added the code to the test suite, to rip the passwords OUT of
the .pot file, and to re-run using them as the dictionary.  This shows that
the build of john can both properly crack the data, AND that it writes the
proper data to the .pot file.   But here, I am pretty sure, the cracked
passwords are bogus.

You might want to see if you can find them in the john.log file. Possibly it
was written there correctly.

Jim.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.