Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 29 Mar 2018 08:29:28 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Support for cracking hash collisions

Ian,

Please do not hijack threads like you just did.  Please always post to
the proper thread (or start a new one if the topic hadn't been discussed
yet or not recently) and only quote relevant context.

I will briefly reply this one time, but for anything further please use
the existing "dmg file with lost password" thread (which means: "reply"
to a message in that thread):

http://www.openwall.com/lists/john-users/2018/03/27/1

On Wed, Mar 28, 2018 at 07:07:03PM -0400, Ian Boyd wrote:
> Anyone have experience cracking a DMG file on Mac?

I do.  It's sometimes successful (when the password is weak, or when the
person recalls enough info about the password and we focus the attack),
but usually not.

> IF so what is the best Johnny option to use? Been trying to crack for a month now.

I don't use Johnny, but in general you need to provide options and/or
config file edits to JtR to focus the attack based on whatever info
about the password you can recall.  It also helps to run the attack on a
fast machine with discrete GPUs (and enable their use with command-line
options to JtR).

For more detail, please use the proper thread, and if you don't mind
making this public you may describe what you can recall about the
password in there and then someone might help estimate your chances
and/or suggest specific JtR settings.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.