Date: Mon, 28 Sep 2015 23:14:39 +0200 From: Michael Kramer <michael.kramer@...-konstanz.de> To: john-dev@...ts.openwall.com Subject: Re: Kerberoast for John Am 28.09.2015 um 23:03 schrieb magnum: > On 28/09/15 22:59, magnum wrote: >> On 28/09/15 11:50, Michael Kramer wrote: >>> I wanted to share my work with the John Community. The work is based >>> on the Kerberoast Python script from Tim Medin and I've ported it >>> from there to C and then into John. >> >> Cool, thanks! >> >>> I've included the fmt_plug file for John, a testfile with 3 >>> testhashes the module is able to crack, and also part of the python >>> script from Tim Medin to parse kirbi files into the format my John >>> module uses. >> >> You should include all three as test vectors. After doing so, you'll >> find that the format fails self-tests as written. It may crack that test >> file but it's flawed and will not always work. >> >>> But I've encountered a strange bug and thought maybe one of you could >>> help me. >> >> There are many bugs ;-) I think you need to do the following, for a >> starter: >> >> 1. Change BINARY_SIZE to 0 and replace binary with fmt_default_binary. >> Have a look at some other format with a binary size of 0. >> 2. Change salt to a struct holding both the salt and what you are now >> putting in the binary (so this becomes a "salt-only" format, or a >> non-hash as we use to call them). Then of course change SALT_SIZE to >> sizeof that struct. > > On another look, perhaps you could actually just switch salt and > binary. That 16 byte thing you currently use as a salt seems to be > fine to use as a binary. Then you'd just put most of cmp_all() in > crypt_all() like a normal format. > > magnum > As I said this was my first try at a John module :) Thank you for the suggestions! I'll try them out and keep in touch after I updated the files! - Michael --- Diese E-Mail wurde von Avast Antivirus-Software auf Viren geprüft. https://www.avast.com/antivirus
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.