Date: Wed, 13 Jan 2010 17:35:35 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: UNSHADOW from Windows On Wed, Jan 13, 2010 at 02:13:26PM +0000, Paul Needham wrote: > For the record, could I not have just pasted the username hash and created my own file, Yes, you could, or you could have used the shadow file alone (no passwd) directly with JtR. This does have a drawback, though: > as the unshadow command only seems to have taken the username and hash and put it in the correct format? No, it should have done a bit more than that. It should have also preserved the auxiliary info from the passwd file, such as the user's full name and home directory pathname, while introducing the password hash from the shadow file into those passwd file lines. This auxiliary info is actually being used by JtR in order to possibly get more passwords cracked quickly (e.g., when a user's password is based on their real name). Alexander P.S. Please avoid over-quoting. Please quote a few lines of context most relevant to your reply only. http://www.netmeister.org/news/learn2quote.html
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.