Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 29 Aug 2012 09:42:03 -0500
From: Richard Miles <>
Subject: Re: Is there any patch to crack MySQL Network auth?

Hi Dhiru,

It's an awesome work! Congrats!

I'm not sure if I understood the input format, can you please give a
practical example? Should I replace this example  with : ?

Such as:

user:challange:hash ?

Also, any special requirement to build this magnum-jumbo at MacOSX? Or is
it like in any Linux box?


On Sat, Aug 25, 2012 at 10:02 AM, Dhiru Kholia <>wrote:

> On Wed, Aug 22, 2012 at 9:02 PM, Richard Miles
> <> wrote:
> > I have a few MySQL network authentication hashes (SHA1 + challenge), but
> I
> > can't find a option to crack it with John. There is a patch (even if
> > unofficial) to crack it?
> Hi,
> I have added support for cracking MySQL network authentication hashes
> to JtR. Use latest code from
> ✗ ../run/john -fo:mysqlna -t
> Benchmarking: MySQL Network Authentication SHA1 [32/64]... DONE
> Raw:    1492K c/s real, 1492K c/s virtual
> However, I could not find a open-source software for obtaining
> "challenge + hash" from a network capture. I had to use Cain & Abel.
> Input Format: $mysqlna$challenge*hash
> --
> Cheers,
> Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.