Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 25 Jan 2008 16:45:07 -0500
From: "Steve ......" <>
Subject: Re: What type of passwords does john crack?

 hmm it appears all these passwords are 31 characters. I guess that
basically means john wont do anything with it?
actually I grabbed the code from which these "MD5" passwords are created

// MD5 Encryption

function md5_hmac($data, $key)


if (strlen($key) > 64)

$key = pack('H*', md5($key));

$key = str_pad($key, 64, chr(0x00));

$k_ipad = $key ^ str_repeat(chr(0x36), 64);

$k_opad = $key ^ str_repeat(chr(0x5c), 64);

return md5($k_opad . pack('H*', md5($k_ipad . $data)));


appertenly it says there MD5's?!?!...

> > now I have to run john from /etc/john or I get an fopen: john.ini: No
> such
> > file or directory error. =/
> That's weird.  You must have done something wrong.

actually it appears to be a common problem on google. I reinstalled
everything including the latest jumbo patch and this problem still exists..
not a biggie though for me anyways, just letting you know this problem

> Also, it is a bad practice to unnecessarily do things as root.  "john"
> does not require root privileges.
I'd be delighted if something broke my box. then I wouldnt use it anymore.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.