Date: Mon, 10 Sep 2012 04:11:47 +0400 From: Alexander Cherepanov <cherepan@...me.ru> To: john-dev@...ts.openwall.com Subject: Re: Cracking Mountain Lion hashes (WIP) On 2012-09-10 03:29, magnum wrote: > On 10 Sep, 2012, at 1:20 , Alexander Cherepanov <cherepan@...me.ru> wrote: > >> On 2012-09-08 15:38, Dhiru Kholia wrote: >> >>> Sample Output: lulu.plist:$ml$23923$c3fa2e153466f7619286024fe7d812d0a8ae836295f84b9133ccc65456519fc3$ccb903ee691ade6d5dee9b3c6931ebed6ddbb1348f1b26c21add8ba0d45f27e61e97c0b80d9a18020944bb78f1ebda6fdd79c5cf08a12c80522caf987c287b6d >>> >>> Format : filename:$ml$iterations$salt$hash >> >> Isn't it better to print user name in the first field as usually done in >> other formats? > > Good catch, the file name is the actual user name so you should strip '.plist' from every entry. This will help Single mode produce much less worthless candidates. In fact I thought about an attribute 'name' in the source .plist file. But it's even better -- there are also attributes 'uid', 'gid', 'realname', 'home', 'shell', so full gecos can be constructed. > BTW most *2john tools that put the filename in the username field > should strip the path for the same reason. I did that to rar2john. The > filename might be useful for Single mode, but probably not the > [cracker's] full path. Full path may be good for keeping track which hash is for which file. But I'm not sure where it's better to put it. -- Alexander Cherepanov
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.