Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 06 Mar 2015 10:52:17 +0100
From: Albert Veli <>
Subject: Re: Generic crypt(3)

Hi, you can't fuzz the hash. You have to guess a password and then use 
the correct algorithm to translate it to a hash and finally compare if 
the hashes are the same. That is basically what john does for you. But I 
don't know if it is possible to somehow involve AFL in this process. Is it?

On 03/06/2015 10:28 AM, Kai Zhao wrote:
> Hi,
> I tried to crack my password with John the Ripper jumbo. There are two 
> password
> , one is right-format and another one is changed by AFL(American Fuzzy 
> Lop).
> right-format one: (there is one line)
>  root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
> 3PPCNP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0:root:/root:/bin/bash
> changed one    :(there is one line)
> root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
> 3PP�NP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0::/root:/bin/bash
> The right-format one took a lot of time and I canceled. The changed 
> one took a lot of time too. I think
> the changed one is wrong-format. Since there is a character "�" . 
> crypt(3) man page shows that the
> format should be : "$id$salt$encrypted". Also the characters in "salt" 
> and "encrypted" are draw from
> the set [a-zA-Z0-9./];
> However, john did not recognize the changed one as wrong-format and 
> tried to crack it.
> My john is downloaded from:
> And my compile steps are: ./configure && make -sj8
> Is this a bug?
> Thank you in advance.
> -- 
> loverszhaokai
> motto:You got a dream and you gotta protect it.
> github:
> blog:

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.