Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 5 Nov 2009 21:35:39 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: "No password hashes loaded" on Ubuntu 9.04

A couple of months ago, I posted the following:

> This patch implements generic crypt(3) support.  That is, if the
> Unix-like system you run JtR on supports your desired crypt(3) hash type
> natively, then JtR with this patch applied will also support that hash
> type (albeit non-optimally).
> 
> Right now, the switch statement in salt() is missing proper checks/code
> for the "SHA-crypt" flavors, which means that JtR won't detect matching
> salts for this hash type (and won't take advantage of them for faster
> processing).  (BTW, a related idea is to auto-detect the salt size -
> slow but possible.)  Yet JtR with this patch applied should be able to
> crack weak "SHA-crypt" hashed passwords when running on a proper system.
> Please test.

The full posting (including the patch) is at:

http://www.openwall.com/lists/john-users/2009/09/02/3

Additionally, I've since added the patch to:

http://openwall.info/wiki/john/patches
ftp://ftp.openwall.com/pub/projects/john/contrib/

This is john-1.7.3.1-generic-crypt-1.diff.gz - generic crypt(3) support.

No one has followed up on my posting in here (bad!), but surprisingly
there's a "video response" on YouTube:

http://www.youtube.com/watch?v=ETjPnLmdNHg&hd=1

This video shows that the patch does in fact work on recent Ubuntu,
cracking "SHA-crypt" hashes. :-)

Alexander


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.