Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 28 Aug 2014 14:13:27 +0000
From: "Williams, Jason (Lake Mary)" <Jason.Williams@...erv.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: John not finding mscash2 passwords

I'm working on cracking mscash2 passwords that were recovered using cachedump in Metasploit, but it's not cracking the passwords.  Initially I just assumed that I didn't have correct password in the wordlist, but then I tested it with my an account where I know the password, and John still will not crack it.

When I ran cachedump, it puts the hashes in John the Ripper mscash2 format, which I copied that into a text file.  I created a line separated wordlist file with various passwords, including the known passwords.  Then ran john with:

John -format=mscash2 -wordlist=./password.txt ./hashes.txt

However, I get:

0g 0:00:00:00 DONE (2014-08-28 09:52) 0g/s 16.36p/s 65.45c/s 65.45C/s
Session completed

The hashes are loading, because it does give me:

Loaded 4 password hashes with 4 different salts (mscash2, MS Cache Hash 2 (DCC2) [PBKDF2-SHA1 128/128 SSE2 4x])

I just did a fresh install/compile of the bleeding-jumbo git version on 64-bit Ubuntu.

Any thoughts?

Thanks

Jason


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.