Date: Tue, 20 Sep 2011 13:19:07 -0500 From: "jfoug" <jfoug@....net> To: <john-users@...ts.openwall.com> Subject: RE: Mac OS X 10.7 Lion password hashes (salted SHA-512) >From: Solar Designer [mailto:solar@...nwall.com] > >There's a lot of talk regarding these lately: > >http://davegrohl.org >http://www.frameloss.org/2011/09/05/cracking-macos-lion-passwords/ >http://www.defenceindepth.net/2011/09/cracking-os-x-lion-passwords.html >http://www.reddit.com/r/netsec/comments/kjrut/cracking_os_x_lion_passwor >ds/ > >Clearly, John the Ripper will support them very soon. The reason I am >posting in here is to ask for opinions on what we should use as the >canonical representation for these hashes and what other representations >(if any) we should support in input files. Any suggestions? > >Perhaps just 136 hex digits, leaving the decoding of base64 and binary >plist files for external tools? And add, say, the $LION$ prefix to >store them non-ambiguously? I think that is ideal. A standard john tool (lion2john) to double base64 the input file, and then output this type line: user:$LION$salt$base16_hash is probably the correct output for that tool to generate, and for the format to validate and use. Jim.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.