Date: Wed, 22 Aug 2012 23:50:44 -0500 From: Richard Miles <richard.k.miles@...glemail.com> To: john-users@...ts.openwall.com Subject: Re: Is there any patch to crack MySQL Network auth? Hi Aleksey, I guess you are right, but neither your dynamic example worked in my test case and it works in Cain&Abel. Thanks. On Wed, Aug 22, 2012 at 1:20 PM, Aleksey Cherepanov < aleksey.4erepanov@...il.com> wrote: > On Wed, Aug 22, 2012 at 01:11:14PM -0500, Richard Miles wrote: > > Humm... anyone was able to crack a simple Mysql network authentication > with > > this Dynamic feature? I tested with sha1($s.(sha1($p))) and no luck. > > I guess you mean sha1($s.sha1(sha1($p))), i.e. double sha1 from > password, don't you? > > > On Wed, Aug 22, 2012 at 12:06 PM, Aleksey Cherepanov < > > aleksey.4erepanov@...il.com> wrote: > > > > > On Wed, Aug 22, 2012 at 07:48:10PM +0400, Vladimir Vorontsov wrote: > > > > Need to brute that: > > > > SHA1(salt + SHA1(SHA1($password))) > > > > > > I guess you could use dynamic for that (doc/DYNAMIC in jumbo). > > -- > Regards, > Aleksey Cherepanov >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.