Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 6 Mar 2015 17:57:48 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Generic crypt(3)

Hi, there is an example project: fwknop which integrated with AFL.
And is the hash's format right ?

root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
3PP�NP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0::/root:/bin/bash

Note: there is "�".

Thank you in advance.





On Fri, Mar 6, 2015 at 5:52 PM, Albert Veli <albert.veli@...il.com> wrote:

>  Hi, you can't fuzz the hash. You have to guess a password and then use
> the correct algorithm to translate it to a hash and finally compare if the
> hashes are the same. That is basically what john does for you. But I don't
> know if it is possible to somehow involve AFL in this process. Is it?
>
>
> On 03/06/2015 10:28 AM, Kai Zhao wrote:
>
> Hi,
>
>  I tried to crack my password with John the Ripper jumbo. There are two
> password
> , one is right-format and another one is changed by AFL(American Fuzzy
> Lop).
>
>  right-format one: (there is one line)
>
>   root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
> 3PPCNP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0:root:/root:/bin/bash
>
>  changed one    :(there is one line)
>
>  root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
> 3PP�NP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0::/root:/bin/bash
>
>  The right-format one took a lot of time and I canceled. The changed one
> took a lot of time too. I think
> the changed one is wrong-format. Since there is a character "�" . crypt(3)
> man page shows that the
> format should be : "$id$salt$encrypted". Also the characters in "salt" and
> "encrypted" are draw from
> the set [a-zA-Z0-9./];
>
>  However, john did not recognize the changed one as wrong-format and
> tried to crack it.
>
>  My john is downloaded from:
> https://github.com/magnumripper/JohnTheRipper
>
>  And my compile steps are: ./configure && make -sj8
>
>  Is this a bug?
>
>  Thank you in advance.
>
>  --
> loverszhaokai
> motto:You got a dream and you gotta protect it.
> github:https://github.com/loverszhaokai
> blog:http://www.cnblogs.com/lovers/
>
>
>


-- 
loverszhaokai
motto:You got a dream and you gotta protect it.
github:https://github.com/loverszhaokai
blog:http://www.cnblogs.com/lovers/

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.