Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 23 Nov 2012 21:59:06 -0800 (PST)
From: wfdawson <>
To: "" <>
Subject: John not "showing" cracked passwords in pot file

Using the familiar "hello" raw-md5 hash...

$ cat user

$ john --show --format=raw-md5 user
0 password hashes cracked, 1 left

$ grep 5d41402abc4b2a76b9719d911017c592 ~/.john/john.pot

Strange... I thought it was perhaps related to the size of my pot file, so I created a special pot file with only the single hash in it lifted from my legacy pot file.  Same result.  I tried it with the "current" test version from Gentoo, and the latest unstable from github.  Same result each try.  Oddly enough, show=left indicates no remaining uncracked hashes.

$ cat john.pot

$ ./john --show --pot=john.pot --format=raw-md5 user
0 password hashes cracked, 1 left

$ ./john --show=left --pot=john.pot --format=raw-md5 user

$ ./john --session=user-all --pot=john.pot --format=raw-md5 user
Loaded 1 password hash (Raw MD5 [128/128 SSE2 intrinsics 12x])
No password hashes left to crack (see FAQ)

ver: 1.7.9-jumbo-7+unstable_omp [linux-x86-64i]

It finally hit me - my legacy pot file is missing the tag that current versions of john prepend to the hash.  A "proper" john.pot should have:

$ cat john.pot

$ ./john --show --pot=john.pot --format=raw-md5 user

1 password hash cracked, 0 left

My pot file has 1340887 untagged hash lines out of 5132667 total.  It seems that lotus5 and dominosec hashes don't get a tag, so that's a legitimate circumstance for much of my pot file.

I suppose I could clean this up by moving my john.pot to another location and artificially re-crack the assembled hashes by iterating over the known hash types to rebuild the "missing" tags.  Is there an easier way to get there?

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.