Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <69034a26ba029fc621b89e372958bbcc@smtp.hushmail.com>
Date: Mon, 06 Jan 2014 02:33:24 +0100
From: magnum <john.magnum@...hmail.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Crack IOS7 RestrictionsPasswordKey hashes from com.apple.restrictionspassword.plist
 file

In a recent discussion on Hashcat forums 
(http://hashcat.net/forum/thread-2892.html) we discovered the algo 
behing IOS 7.02+ hashing of "Restrictons" PIN code. Until now it was in 
the clear, now it's pbkdf2-hmac-sha1 with 1000 iterations. From 
googling, it seems noone figured this out before.

HashCat does not have any generic pbkdf2-hmac-sha1 format though, so it 
can't be used yet. I really thought we had one but we didn't! So I 
whipped one up and while I was at it, I wrote an "ios7tojohn.pl" tool to 
fetch and convert the hashes from a .plist. I haven't tested it except 
with snippets posted on forums.

Since it's just a 4-digit PIN code the keyspace is really really tiny so 
it's a guaranteed crack in a split second. The problem is not the choice 
of algorithm: There's not much Apple can do about it except using 
password instead of PIN.

The code is in latest bleeding tree:
https://github.com/magnumripper/JohnTheRipper/tarball/bleeding-jumbo

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.