Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 24 Mar 2012 18:56:16 +0530
From: Dhiru Kholia <>
Subject: Re: [JtR patch] Fast cracker for Mozilla Firefox,
 Thunderbird and SeaMonkey master passwords.

On Sat, Mar 24, 2012 at 5:50 PM, Dhiru Kholia <> wrote:
> On Sat, Mar 24, 2012 at 5:46 PM, magnum <> wrote:
>> On 03/24/2012 01:12 PM, magnum wrote:
>>> BTW Dhiru, I also tried the format on a db without a master password
>>> set. This was not detected and apparently this is not the same as a
>>> nullstring password so john started to try cracking and will prbably
>>> never succeed. Is there a way you could detect this situation, maybe in
>>> mozilla2john already?

Can you try running the *new* mozilla2john (C version, patch attached)
and see if it fixes the problem?

Also, even if we disable "HAVE_NSS" in Makefile, mozilla2john symlink
in run/ is created. Can we somehow avoid this?


Can you test the patch with your sample data set? You might have to
rename your files to cert8.db and key3.db and put them in separate


Download attachment "0001-V2-Fast-cracker-for-Mozilla-Firefox-Thunderbird-and-.patch" of type "application/octet-stream" (75913 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.