Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 8 Feb 2013 14:09:41 -0600
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: Cracking SHA1 with some knowledge of password

From: magnum [mailto:john.magnum@...hmail.com] 
>On 8 Feb, 2013, at 17:40 , Lex Par <ziptied@...il.com> wrote:
>
>> Group, I have a SHA1 hash that I would like to brute-force. I have 
>> knowledge of several characters before and after the password (ie, if 
>> the hash is derived from "xxxpasswordyyy", I know both xxx and yyy).  
>> I'd like to somehow input the xxx and yyy values as constants, so that 
>> they are always included in the crack attempt but the "password" 
>> portion is brute-forced.
>
>This can be done in several ways but using rules should be fastest. Add
this to your john.local.conf:
>
>[List.Rules:custom]
>A0"xxx"Az"yyy"
>
>Then run wordlist mode with --rules:custom.
>
>magnum

Another option, is to use dynamic, and create your own 'special' format,
just for this.  If done that way, then you can use -rules, -markov,
-increment, etc within Jtr. To do this, one would use something similar to
the dynamic_26 raw-sha1, but we cannot use MGF_RAW_SHA1_INPUT since dynamic
would not get the original password back out of the input buffer.

So, we simply make a simple raw-like, sha1, but do it with 2 constants.  It
would be something like this:

[List.Generic:dynamic_1050]
Expression=xxxSHA1($p)yyy
Flag=MGF_SHA1_40_BYTE_FINISH
MaxInputLen=40
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_input1_from_CONST1
Func=DynamicFunc__append_keys
Func=DynamicFunc__append_input1_from_CONST2
Func=DynamicFunc__SHA1_crypt_input1_to_output1_FINAL
Const1=xxx
Const2=yyy
Test=$dynamic_1050$82249e184fe863c01f5d60f84fb346ac86e21496:openwall


NOTE, if the constants were something other than xxx and yyy, then the test
hash value must be recomputed (82249e184fe863c01f5d60f84fb346ac86e21496 in
above example, of xxx$Pyyy for password openwall).

To get the sample hash value(s):

echo -n xxxopenwallyyy | sha1sum

Jim.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.