Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 4 Jan 2013 17:26:37 +0100
From: magnum <>
Subject: Re: Cracking Mountain Lion hashes (WIP)

On 4 Jan, 2013, at 17:03 , Dhiru Kholia <> wrote:
> On Fri, Jan 4, 2013 at 8:57 PM, magnum <> wrote:
>> As discussed earlier in this thread, it should ideally be more like this, and possibly more:
>> luser:(hash):505:20:J Random Luser,crackable4us:/Users/luser:/bin/bash:../../luser.plist
>> The former format would never be cracked at this speed, but the latter format would, immediately, by Single mode because "crackable4us" is the password hint given for this user (and a very good one, lol). Also, the full path of the input file is placed last, in a field that Single mode does NOT read.
> How does the following output look?
> ✗ python2 ../run/ luser.plist
> luser.plist:$pbkdf2-hmac-sha512$(hash):505:20:J Random
> Luser,crackable4us:/bin/bash:luser.plist
> ✗ time ../run/john mlhash
> Loaded 1 password hash (GRUB2 / OS X 10.8 pbkdf2-hmac-sha512
> [PBKDF2-SHA512 CPU])
> crackable4us     (luser.plist)
> guesses: 1  time: 0:00:00:03 DONE (Fri Jan  4 21:33:02 2013)  c/s:
> 12.98  trying: crackable4us
> If it looks okay, I will commit it.

Great, but you should definitely strip '.plist' from the login name. Actually, you should not take the login field from the filename at all - you should parse it from the payload of the file. With that detail fixed, it's perfect.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.