Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 20 Oct 2009 14:25:06 +0200
From: SL <auditor@...chat.de>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Joomla and JTR

Am 2009-10-19 um 20:44 schrieb websiteaccess:
> Is JTR able to crack Joomla hashes ?

Yes, with JimF's "Generic MD5 module" included (http://openwall.info/wiki/john/patches 
), it is:

mysql -u root -D "joomla_DB" -B -N -e "SELECT CONCAT(username, ':',  
'md5_gen(1)', SUBSTRING(password, 1, INSTR(password, ':') - 1), '\$',  
SUBSTRING(password, INSTR(password, ':') + 1)) FROM jos_users WHERE  
INSTR(password, ':') ORDER BY id ASC;" > joomla-hashes && ./john  
joomla-hashes

# Loaded NNN password hashes with NNN different salts ( md5($p. 
$s)        (joomla)  [md5-gen 64x1])

Bon courage.
SL


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.