Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 14 Aug 2011 12:47:53 -0700 (PDT)
From: firstname lastname <psykosonik_frequenz@...oo.com>
To: john-users@...ts.openwall.com
Subject: MSSQL Hash Format in JTR

I am using JTR version 1.7.7. with jumbo 6.

Let's say I have the following MSSQL hashes:

0x01006C563579C3609F90F270E9899E15E345310E08868E2719E9BECE67D9B9D96F335D9C9476B5BE24B54865F5A5
0x01006F457745551A2AE1E3921F2FE7027F1E3F071E037B2E977A89F13A4FBA342DAF2B425F1FE48F025708CF2D01
0x0100617778414D87C12A7F9FBC2D2957AF4AD473B03A0F5DC06F5160D158C770D08F9161200ECD5D8855A0536E7F
0x01004F3964391A0973E8C5A22D42035C1905F9755E4901C572251A0973E8C5A22D42035C1905F9755E4901C57225

I run JTR as:

john -w:wordlist.txt --format=mssql hashes.txt

Now the question is, when I check the candidate passwords that are being tried by JTR against these hashes, they are all in Uppercase. Why is that so?

Are the MSSQL 2000 hashes supposed to be case insensitive?

Another question, which relates to the same topic is.

When I try to crack multiple MSSQL hashes with JTR version 1.7.7 jumbo 1,

I notice that, it tries some weird combination of characters and not the actual wordlist passwords.

Also, it tries to bruteforce only the first hash in the hash list. Remaining hashes are ignored.

Is this is a known bug since I couldn't find it listed anywhere in the mailing list, so I have opened this new topic.

Regards,
NeonFlash

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.