Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 8 Feb 2013 14:09:41 -0600
From: "jfoug" <>
To: <>
Subject: RE: Cracking SHA1 with some knowledge of password

From: magnum [] 
>On 8 Feb, 2013, at 17:40 , Lex Par <> wrote:
>> Group, I have a SHA1 hash that I would like to brute-force. I have 
>> knowledge of several characters before and after the password (ie, if 
>> the hash is derived from "xxxpasswordyyy", I know both xxx and yyy).  
>> I'd like to somehow input the xxx and yyy values as constants, so that 
>> they are always included in the crack attempt but the "password" 
>> portion is brute-forced.
>This can be done in several ways but using rules should be fastest. Add
this to your john.local.conf:
>Then run wordlist mode with --rules:custom.

Another option, is to use dynamic, and create your own 'special' format,
just for this.  If done that way, then you can use -rules, -markov,
-increment, etc within Jtr. To do this, one would use something similar to
the dynamic_26 raw-sha1, but we cannot use MGF_RAW_SHA1_INPUT since dynamic
would not get the original password back out of the input buffer.

So, we simply make a simple raw-like, sha1, but do it with 2 constants.  It
would be something like this:


NOTE, if the constants were something other than xxx and yyy, then the test
hash value must be recomputed (82249e184fe863c01f5d60f84fb346ac86e21496 in
above example, of xxx$Pyyy for password openwall).

To get the sample hash value(s):

echo -n xxxopenwallyyy | sha1sum


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.