Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 28 Dec 2012 23:20:15 -0500
From: Luis Santana <hacktalk@...ktalk.net>
To: john-users@...ts.openwall.com
Subject: Re: pwsafe2john - How to use this program, preferably in Windows or in Linux if Windows is a no-go?

Download the .zip file and then use the makefile to compile.

Here is a direct link to the zip file

https://github.com/magnumripper/JohnTheRipper/archive/unstable-jumbo.zip


Luis Santana : Founder - HackTalk Security
http://hacktalk.net
hacktalk@...ktalk.net
HackTalk Security - Security From The Underground



On Dec 28, 2012, at 10:50 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:

> On Saturday 29 December 2012 06:31 AM, John Hall wrote:
>> 1. I tried the following under Ubuntu (running in a VM on Win 7):
>> git clone git://github.com/magnumripper/magnum-jumbo
> 
> You should be using https://github.com/magnumripper/JohnTheRipper
>> gcc pwsafe2john.c -o pwsafe2john  # from src/ folder
>> That complained that there was an undefined reference to 'main'
>> 
>> So I changed the pwsafe2john name in the pwsafe2john.c file to main
>> Then recompiled with no errors (not sure this was the right 'fix')
> Just building john itself is enough to build "pwsafe2john" program which gets put in "run" sub-folder.
> 
>> Then ran
>>    ./pwsafe2john pwsafe.psafe3 > pwsafedump
>> 
>> That complained "Couldn't find PWS3 magic string. Is this a Password Safe file?"
>> 
>> Well it is a Password Safe file, but from a Windows environment, not sure if that matters.
>> 
>> Using UltraEdit on the pwsafe.psafe3 file, it shows the first 4 characters as PWS3. So I think the file is the correct one.
> 
> This one is a puzzling. I just tested pwsafe2john with samples downloaded from http://openwall.info/wiki/john/sample-non-hashes and it works fine. The samples were mostly generated on M$ Windows.
> 
> Can you try running pwsafe2john on files inside http://openwall.info/wiki/_media/john/Sample-Password-Safe-Safes.tar archive?
> 
>> So I am a bit of a fish out of water on this program.
>> 
>> Any suggestions on how to successfully extract the hash from the pwsafe.psafe3 file so I can feed it to JTR to try to crack?
> 
> No worries. After some debugging and patching it will work :-)
> 
> - Dhiru


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.