Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 12 Sep 2012 13:41:44 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Help for JTR

Jonathan -

> On 09/12/2012 03:15 AM, Jonathan Xiao wrote:
> > The steps I did:
> > 1) Dump out the hashes into hashes.txt
> > 2) john.exe --format=lm hashes.txt (no passwords found in here)
> > 3) john.exe --crack-status --incremental hashes.txt (still running)

As Frank says, we definitely need the exact and complete output of these
commands.  We also need to know the exact version of JtR that you're using.

Also, the second command is not supposed to be any better than the first
one if you have a file with LM and NT hashes, as I think you do.
Chances are that it'd autodetect the LM hashes just as the first one,
whereas you actually need to be attacking NT hashes (so you'd use
"--format=nt").  BTW, for the latter you also ought to be using "jumbo"
rather than the smaller "official" JtR.

With "jumbo", you could try something like this:

john.exe --format=nt -w=all.lst --rules=jumbo hashes.txt

Where all.lst can be downloaded from:

http://download.openwall.net/pub/wordlists/

(download all.gz and uncompress it).

This is assuming that you only have NT hashes and no (valid) LM hashes.
If you do have LM hashes as well, then crack those first (quicker to do).

On Wed, Sep 12, 2012 at 11:04:11AM +0200, Frank Dittrich wrote:
> Can you post a mangled sample hash, if not the real one?
> If you post the real hash, make sure to change the password afterwards.
> If you post a mangled hash, make sure you don't change the hash format
> beyond recognition. E.g., you might replace the 0-9A-F characters
> resembling the hex encoded bytes with other instances of 0-9A-F, but
> please don't change the length of the hash...

BTW, this turns out to be surprisingly non-trivial for a lot of people
to do right.  So far, I've seen that most people mangle the strings too
much (including a change to the length) or/and don't actually prevent
attacks on the mangled string (just make such attacks harder).  Here's a
nice example of the latter:

http://www.reddit.com/r/netsec/comments/yo7zi/and_the_crypto_talk_of_the_year_award_goes_to/
http://crypto.2012.rump.cr.yp.to/87d4905b6d2fbc6ad2389debb73f7035.pdf

The recent LinkedIn dump also reminded us that overstriking just a few
of the hash encoding characters is not enough to prevent password
cracking (almost all characters need to be replaced to prevent it).

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.