Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 Jul 2012 13:47:21 +0400
From: Alexander Cherepanov <>
Subject: Fwd: [john-contest] mscash2 / hmac-md5 ambiguity

It's more appropriate for john-dev, but beware: I only checked it with 
contest version of john.

-------- Original Message --------
Subject: [john-contest] mscash2 / hmac-md5 ambiguity
Date: Mon, 23 Jul 2012 13:19:05 +0400
From: Alexander Cherepanov <>


mscash2 hashes in their canonical form are nevertheless accepted as

$ cat mscash2.john
$ john mscash2.john
Warning: detected hash type "mscash2", but the string is also recognized
as "hmac-md5"
Use the "--format=hmac-md5" option to force loading these as that type
Loaded 1 password hash (M$ Cache Hash 2 (DCC2) PBKDF2-HMAC-SHA-1
[128/128 SSE2 intrinsics 8x])
guesses: 0  time: 0:00:00:02 0.00% (2)  c/s: 339  trying: 123456 - abc123
Session aborted
$ john --format=hmac-md5 mscash2.john
Loaded 1 password hash (HMAC MD5 [128/128 SSE2 intrinsics 12x])
guesses: 0  time: 0:00:00:02 0.00% (3)  c/s: 1120K  trying: 123man - 123mah
Session aborted

IMHO that's not very good.

Alexander Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.