Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 20 Jan 2010 19:41:47 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: john 1.4.2 with jumbo patch 1 - lm hash problem

On Wed, Jan 20, 2010 at 09:43:24AM -0600, Greg White wrote:
> >> Administrator:500:CEEB0FA9F240C200417EAF40CFAC29C3:D280553F0103F2E643406517296E7582:::
[...]
> > Well, you made a typo in the LM hash. With it corrected to
> > CEEB0FA9F240C200417EAF50CFAC29C3 (the correct hash for "TESTTEST"), it
> > gets cracked just fine.
> 
> That is odd.  It is the same hash file I have used for years and john always cracked it.  I will double check my files when I get home.
[...]
> I was using john 1.7.3.1 for the last year or so.

Well, I've just tried cracking your file, the way you posted it (with
the typo) using a linux-x86-mmx build of 1.7.3.1-all-6 on a P3.  I can't
confirm the problem: this older version similarly does not crack the
last "T" unless the typo is corrected.

> I am using BT4 Final and most of the other utilities I run require root privileges.

Understood.

> On my productions Linux systems I always login as a user and sudo or su when needed.

This is commonly regarded as a security best practice, but it is not
necessarily such a great idea.  Not abusing root does not imply that you
have to login as a user and then su or sudo, which has its own added
security risks.  You could want to see:

http://www.openwall.com/lists/owl-users/2004/10/20/6

http://blueroomhosting.com/help/tutorials/ssh-security.pxl
(scroll down to "Direct root login considerations")

Summary: when accessing remote systems, use separate direct logins as
non-root and as root-privileged accounts (as necessary), don't use
su/sudo to elevate privileges.

This is getting off-topic, though, so no follow-ups to this part of the
message on this list, please. ;-)

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.