Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 Apr 2018 04:14:00 -0700
From: Eric Oyen <eric.oyen@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: loading OS X hashes from Davegrohl

ok, the V3 version command also failed with "illegal instruction 4" inside the john/run folder.

it also generated this output in problem reporter:
***
Process:         bash [38503]
Path:            /bin/bash
Identifier:      bash
Version:         ??? (???)
Code Type:       X86-64 (Native)
Parent Process:  bash [38152]

Date/Time:       2018-04-23 04:11:39.762 -0700
OS Version:      Mac OS X 10.7.5 (11G63)
Report Version:  9

Interval Since Last Report:          -118598267 sec
Crashes Since Last Report:           -46
Per-App Crashes Since Last Report:   3
Anonymous UUID:                      DA2AAE55-9DAE-4251-9CB2-E442878C9B7B

Crashed Thread:  Unknown

Exception Type:  EXC_BAD_ACCESS (SIGILL)
Exception Codes: KERN_INVALID_ADDRESS at 0x00007fff5fc01028

Backtrace not available

Unknown thread crashed with X86 Thread State (64-bit):
  rax: 0x0000000000000055  rbx: 0x0000000000000000  rcx: 0x0000000000000000  rdx: 0x0000000000000000
  rdi: 0x0000000000000000  rsi: 0x0000000000000000  rbp: 0x0000000000000000  rsp: 0x0000000000000000
   r8: 0x0000000000000000   r9: 0x0000000000000000  r10: 0x0000000000000000  r11: 0x0000000000000000
  r12: 0x0000000000000000  r13: 0x0000000000000000  r14: 0x0000000000000000  r15: 0x0000000000000000
  rip: 0x00007fff5fc01028  rfl: 0x0000000000010203  cr2: 0x00007fff5fc01028
Logical CPU: 0

Binary images description not available


External Modification Summary:
  Calls made by other processes targeting this process:
    task_for_pid: 0
    thread_create: 0
    thread_set_state: 0
  Calls made by this process:
    task_for_pid: 0
    thread_create: 0
    thread_set_state: 0
  Calls made by all processes on this machine:
    task_for_pid: 10591
    thread_create: 0
    thread_set_state: 0

Model: MacBook3,1, BootROM MB31.008E.B02, 2 processors, Intel Core 2 Duo, 2.2 GHz, 4 GB, SMC 1.24f3
Graphics: Intel GMA X3100, GMA X3100, Built-In, 144 MB
Memory Module: BANK 0/DIMM0, 2 GB, DDR2 SDRAM, 667 MHz, 0x7F98000000000000, 0x393930353239352D3034352E4130314C4600
Memory Module: BANK 1/DIMM1, 2 GB, DDR2 SDRAM, 667 MHz, 0x7F98000000000000, 0x393930353239352D3034352E4130314C4600
AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0x88), Broadcom BCM43xx 1.0 (5.10.131.36.15)
Bluetooth: Version 4.0.8f17, 2 service, 11 devices, 1 incoming serial ports
Network Service: Ethernet, Ethernet, en0
Network Service: Wi-Fi, AirPort, en1
Serial ATA Device: Hitachi HTS542525K9SA00, 250.06 GB
Parallel ATA Device: HL-DT-ST DVDRW  GSA-S10N
USB Device: USB 2.0 Hub [MTT], 0x050d  (Belkin Corporation), 0x0237, 0xfd100000 / 3
USB Device: iPhone, apple_vendor_id, 0x12a8, 0xfd110000 / 7
USB Device: Expansion Desk, 0x0bc2  (Seagate LLC), 0x3312, 0xfd150000 / 8
USB Device: External USB 3.0, 0x0480  (Toshiba America Info. Systems, Inc.), 0x0110, 0xfd140000 / 6
USB Device: External USB 3.0, 0x0480  (Toshiba America Info. Systems, Inc.), 0xd011, 0xfd170000 / 5
USB Device: iPhone, apple_vendor_id, 0x12a8, 0xfd120000 / 4
USB Device: Built-in iSight, apple_vendor_id, 0x8501, 0xfd400000 / 2
USB Device: Apple Internal Keyboard / Trackpad, apple_vendor_id, 0x0229, 0x5d200000 / 3
USB Device: IR Receiver, apple_vendor_id, 0x8242, 0x5d100000 / 2
USB Device: Bluetooth USB Host Controller, apple_vendor_id, 0x8205, 0x1a100000 / 2


On Apr 23, 2018, at 3:42 AM, Solar Designer wrote:

> On Mon, Apr 23, 2018 at 03:25:40AM -0700, Eric Oyen wrote:
>> ok, I had to do a little google search. A command turned up I can use called dscl. so I used dscl to dump both the salts and hashes for each user on my system. The command went like this: sudo dscl localhost read Search/Users/<username> >> <Username.txt>
> 
> The "dscl" command is what that Perl script uses internally.  I don't
> know why the script would fail for you if the manual command works.
> 
>> this dumped what appears to be proper data into those files. now all I need to do is run the jumbo supported john on them.
> 
> Great.  Right.
> 
> Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ