Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 7 Feb 2011 01:25:47 +0200
From: Martin T <>
Subject: John the Ripper does not detect openssl MD5 hashes

I tried to create few MD5 hashes using openssl and then crack those
hashes using John the Ripper(version and a dictionary file.
At first I made a crackable file for john:

root@...tin-desktop:~# echo test:`printf secret | openssl md5` > md5crypt
root@...tin-desktop:~# cat md5crypt

..then verified, that secret is present in /usr/share/john/password.lst file:

root@...tin-desktop:~# grep -w secret /usr/share/john/password.lst

..and finally tried to crack this MD5 hash using john. However, this
didn't work:

root@...tin-desktop:~# john --wordlist=/usr/share/john/password.lst md5crypt
Loaded 2 password hashes with no different salts (LM DES [64/64 BS MMX])
guesses: 0  time: 0:00:00:00 100%  c/s: 44257  trying: SKIDOO - ZHONGGU

As you can see, john detects this as a "LM DES [64/64 BS MMX]" not
"MD5"(this is probably a default if nothing else matches?). So I tried
with "--format" options:

root@...tin-desktop:~# john --wordlist=/usr/share/john/password.lst
--format=MD5 md5crypt
No password hashes loaded
root@...tin-desktop:~# john --wordlist=/usr/share/john/password.lst
--format=raw-MD5 md5crypt
No password hashes loaded

As I understand, john does not detect the MD5 hash inside my md5crypt
file. What might cause this? Or am I doing something wrong?


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.