Date: Fri, 25 Jan 2008 23:52:36 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: What type of passwords does john crack? On Fri, Jan 25, 2008 at 02:41:06PM -0500, Steve ...... wrote: > anyways I got it installed with jumbo patch john-1.7-all-4.diff.gz ... This is not related to your "problem", but in general it is better to use the latest revision of the jumbo patch, which is currently john-1.7.2-all-9.diff.gz (yes, you'll apply this one on top of 1.7.2). > now I have to run john from /etc/john or I get an fopen: john.ini: No such > file or directory error. =/ That's weird. You must have done something wrong. > anyways point is it still doesnt work... > root@box:~/hash# /etc/john/john --format=raw-MD5 tmp > No password hashes loaded > > root@box:~/hash# cat tmp > ThePumpe:b3759125aa3bf99b7f4c10d9c87046c > Lane:4b6ac052d0892133682eff29d1a62c5 > Aquil:88ce5a69882e9c8560792c632a4946a > Joyc:35afac8f58f984651bd96986932c546 Of course, this won't work. As Marti has correctly pointed out, those 31-character strings are definitely not MD5 hashes, or at least not complete MD5 hashes. (In fact, they also don't appear to be incomplete MD5 hashes with first or last 4 bits dropped, but I can't say for sure.) Also, it is a bad practice to unnecessarily do things as root. "john" does not require root privileges. Finally, the hashes that you posted in your first message in this thread were different - two of the four were 32-character strings (potentially they are in fact raw MD5 hashes, although noone will tell you for sure until you crack them) and the other two were 13-character strings (so they look like they are from a traditional DES-based crypt(3) - and at least one of them is in fact easily crackable). -- Alexander Peslyak <solar at openwall.com> GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15 http://www.openwall.com - bringing security into open computing environments -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.