Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 8 Sep 2012 14:24:50 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Cracking Mountain Lion hashes (WIP)

On 8 Sep, 2012, at 13:38 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:

> On Sat, Sep 8, 2012 at 12:08 AM, Lukas Odzioba <lukas.odzioba@...il.com> wrote:
>> 2012/9/7 Dhiru Kholia <dhiru.kholia@...il.com>:
>>>> Now we have test vector so making patch for it will be easy.
>>>> I'll send it within an hour. Hopefully JtR will be first 10.8 password cracker:)
>>> 
>>> Cool. Let me know if you need more test vectors. I can generate them tomorrow.
>> 
>> Can you make changes to ml2john.py so it will out ciphertext
>> exctracted from shadowhash field?
> 
> Done. ml2john.py is now committed to magnum-jumbo.

I think ml2john.py (and agilekc2john.py too) should be chmod 755. On the other hand, when I did so and ran it (under OSX) using just ../run/ml2john.py, it failed: I had to use "python2.7 ../run/ml2john.py luser.plist". This works fine on native OSX.

For new formats it's always a good idea to verify how non-ascii characters are handled. In this case I presume it is UTF-8. Here is a test-vector:

$ml$37174$ef768765ba15907760b71789fe62436e3584dfadbbf1eb8bf98673b60ff4e12b$294d42f6e0c3a93d598340bfb256efd630b53f32173c2b0d278eafab3753c10ec57b7d66e0fa79be3b80b3693e515cdd06e9e9d26d665b830159dcae152ad156

Password is müller (muller but with an u-umlaut as second character). BTW I notice I got a higher iterations count than what you posted.

For source-code encoding safety, it should be declared like this in the format:

	{"$ml$37174$ef768765ba15907760b71789fe62436e3584dfadbbf1eb8bf98673b60ff4e12b$294d42f6e0c3a93d598340bfb256efd630b53f32173c2b0d278eafab3753c10ec57b7d66e0fa79be3b80b3693e515cdd06e9e9d26d665b830159dcae152ad156", "m\xC3\xBCller"},

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.