Date: Fri, 17 Aug 2012 09:40:21 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Cracking Gauss using dynamic On Thu, Aug 16, 2012 at 11:06:48AM -0400, Matt Weir wrote: > https://www.securelist.com/en/blog/208193781/The_Mystery_of_the_Encrypted_Gauss_Payload > > Considering this is such a high profile instance, I figured it would > be cool if JtR had the ability to perform cracking attacks against it. > A brief overview of the hashing algorithm is: > > 10k_md5(md5(path.file.salt)) > > I figure the path + file combinations would probably best to be > generated via rules or an external script and piped into JtR using > -stdin. This would be cool as a test of JtR's capabilities or an opportunity to enhance them, but on the other hand it would not benefit from JtR's ability to generate candidate passwords much. So it's mostly a task for specialized programs. > Now this would be fairly easy to do with the dynamic format, except > for the fact that it requires 10 thousand rounds of md5. Is there an > easy way to do large numbers of iterations using dynamic that I'm just > not seeing in the documentation? I figure worth comes to worse I can > just create a script that will build a dynamic format with 10k rounds > in it but I was wondering if there was a cleaner way? I thought that maybe the implementation of phpass in the dynamic format was generic enough - but it is not. Its loop is hardcoded in DynamicFunc__PHPassCrypt(). So it seems like the current dynamic format is incapable of arbitrary loops. This may be something for JimF to enhance - not for this specific target, but in general. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.