Date: Wed, 13 Jul 2011 18:04:57 +0200 From: Sistemas <linux@...agroup.com> To: john-users@...ts.openwall.com Subject: Re: Crack a MS SQL Server 2000 password El 13/07/2011 17:42, Solar Designer escribió: > On Wed, Jul 13, 2011 at 05:25:14PM +0200, Sistemas wrote: >> Nevertheless this hash format should be listed in >> http://openwall.info/wiki/john/sample-hashes?s=hash%20formats or this >> list is for the hashes supported in the standard/official john version? > This list is not limited to hashes supported in the main JtR, but it is > incomplete in other ways. Please feel free to add to it (once you > figure things out). > > For all hash types supported by whatever version of JtR you're using, > you may find some sample hashes in test arrays in the *_fmt.c files. > In your case, you'd want to look at mssql_fmt.c and mssql05_fmt.c. The > hash encodings given in there are 94 or 54 characters long, including > the leading "0x". > >>>> I'm using the full uppercase hash which is 40 hex characters long >>>> (160bits). Is this right? Should I add the salt? > Yes, John definitely needs the salt. > > I am not familiar with MS SQL hashes at all, but it might be something > like: "0x0100" hash type identifier and flags (6 chars), then the salt > (8 chars?), then your 40 hex char hash. This gives 54, which matches > some of the test vectors in mssql05_fmt.c. > > I hope this helps. > > Alexander Correct. The correct syntax is: user:0x0100 + salt (6chars) + hash (40chars) I've test it against known passwords and it worked. Thank you guys. I'll try to make a full howto off this in the wiki (from extraction options to john examples).
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.