Date: Fri, 18 Dec 2009 11:31:44 -0600 From: "Jim" <jfoug@....net> To: <john-users@...ts.openwall.com> Subject: RE: JTR and format md5_gen From: SL [mailto:auditor@...chat.de] >md5_gen(7) is md5(md5($p).$s) with a fixed 3-byte salt, if I remember >correctly (Jim?). >For any other md5(md5($p).$s) hash, you should use md5_gen(6). md5_gen(6) and md5_gen(7) are the same thing, however, the md5_gen(7) adds a couple of extra 'validations' when parsing an input line: First, it stipulates that the salt MUST be 3 and only 3 characters (shorter or longer will NOT be loaded). Second, it will FORCE you to use a different separator char, since the ':' IS a valid salt character in vBulletin hash/salt pairs, and you WILL see them all the time for normal input. But other than those 2 extra validations, 6 and 7 are the same. You can use md5_gen(6) to crack vbulletin hashes just fine. It simply will not 'hold your hand' validating that salts are 3 bytes, and that you are properly splitting up the fields. >IPB2 uses md5(md5($s).md5($p))), so you'd want to use md5_gen(12). > >Same procedure as before: >user[tab]md5_gen(12)HASH$salt > >* TAB is field separator >* $ is salt separator >* md5_gen(12) is hash type identifier The only time you 'have' to use a character other than the 'default' : as a line separator, is IF the format (the hash, or the salt, or the user names, or other gecos fields) contain ':' characters. That is WHY I added the ability to set it to something else. You can ALWAYS use a different separator character and things 'will' work, but there is no reason you 'have' to use a different character.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.