Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Mar 2012 19:10:47 +0100
From: Andres Ederra <>
Subject: Re: Re: Cracking RACF passwords

Awesome work! Thanxs!

That is such a huge step forward!

I found the previous asm code I posted deep into the archive of<>

It shouldn't be that hard to process RACF binary database into something

If I get access to some of our RACF admins I can generate some racf db
dumps and build an alternative to cracf.exe ... (but that can take
months... things run slowly at corporate world...)

Best Regards


2012/3/12 Dhiru Kholia <>

> On Mon, Mar 12, 2012 at 8:15 PM, Andres Ederra <>
> wrote:
> > Hi Alexander (and all),
> >
> > Anyway as far as I have investigated the issue the problem is to learn
> > the RACF algorithm, coding it as a john module its a no-issue.
> >
> > I'm afraid that the people who know that info maybe retired (or
> > dead...) and IBM is not going to collaborate that much (I would want
> > to be wrong but...)
> Thanks to Nigel and Main Framed, RACF algorithm is now *known*. A JtR
> module has also been written (Check
> The only part remaining
> is converting RACF binary database(s) into a format usable by JtR
> (i.e. racf2john utility). For now you can use CRACF (to get CRACF.txt
> file from input RACF database), (for CRACF.txt to JtR
> suitable conversion) and finally JtR to audit mainframe passwords.
> --
> Cheers,
> Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.