Date: Mon, 28 Sep 2015 23:03:18 +0200 From: magnum <john.magnum@...hmail.com> To: john-dev@...ts.openwall.com Subject: Re: Kerberoast for John On 28/09/15 22:59, magnum wrote: > On 28/09/15 11:50, Michael Kramer wrote: >> I wanted to share my work with the John Community. The work is based >> on the Kerberoast Python script from Tim Medin and I've ported it >> from there to C and then into John. > > Cool, thanks! > >> I've included the fmt_plug file for John, a testfile with 3 >> testhashes the module is able to crack, and also part of the python >> script from Tim Medin to parse kirbi files into the format my John >> module uses. > > You should include all three as test vectors. After doing so, you'll > find that the format fails self-tests as written. It may crack that test > file but it's flawed and will not always work. > >> But I've encountered a strange bug and thought maybe one of you could >> help me. > > There are many bugs ;-) I think you need to do the following, for a > starter: > > 1. Change BINARY_SIZE to 0 and replace binary with fmt_default_binary. > Have a look at some other format with a binary size of 0. > 2. Change salt to a struct holding both the salt and what you are now > putting in the binary (so this becomes a "salt-only" format, or a > non-hash as we use to call them). Then of course change SALT_SIZE to > sizeof that struct. On another look, perhaps you could actually just switch salt and binary. That 16 byte thing you currently use as a salt seems to be fine to use as a binary. Then you'd just put most of cmp_all() in crypt_all() like a normal format. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.