Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 24 Mar 2012 17:50:25 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: [JtR patch] Fast cracker for Mozilla Firefox,
 Thunderbird and SeaMonkey master passwords.

On Sat, Mar 24, 2012 at 5:46 PM, magnum <john.magnum@...hmail.com> wrote:
> On 03/24/2012 01:12 PM, magnum wrote:
>> BTW Dhiru, I also tried the format on a db without a master password
>> set. This was not detected and apparently this is not the same as a
>> nullstring password so john started to try cracking and will prbably
>> never succeed. Is there a way you could detect this situation, maybe in
>> mozilla2john already?
>
> Hm, now it does - after I had set a password (for the first time) and
> deleted it again (entering an empty password as the new one), I get this:
>
>  Master password is not set ...exiting FireMaster

This code will be moved to mozilla2john program soon.

> But this was not the case when I attacked it the first time.

Very strange. I have some code from my "mozilla_password_dump" project
(on github) which should work reliably. Thanks for reporting.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.