Date: Wed, 13 Jul 2011 19:42:14 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Crack a MS SQL Server 2000 password On Wed, Jul 13, 2011 at 05:25:14PM +0200, Sistemas wrote: > Nevertheless this hash format should be listed in > http://openwall.info/wiki/john/sample-hashes?s=hash%20formats or this > list is for the hashes supported in the standard/official john version? This list is not limited to hashes supported in the main JtR, but it is incomplete in other ways. Please feel free to add to it (once you figure things out). For all hash types supported by whatever version of JtR you're using, you may find some sample hashes in test arrays in the *_fmt.c files. In your case, you'd want to look at mssql_fmt.c and mssql05_fmt.c. The hash encodings given in there are 94 or 54 characters long, including the leading "0x". > >>I'm using the full uppercase hash which is 40 hex characters long > >>(160bits). Is this right? Should I add the salt? Yes, John definitely needs the salt. I am not familiar with MS SQL hashes at all, but it might be something like: "0x0100" hash type identifier and flags (6 chars), then the salt (8 chars?), then your 40 hex char hash. This gives 54, which matches some of the test vectors in mssql05_fmt.c. I hope this helps. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.