Date: Mon, 06 Jan 2014 02:33:24 +0100 From: magnum <john.magnum@...hmail.com> To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com> Subject: Crack IOS7 RestrictionsPasswordKey hashes from com.apple.restrictionspassword.plist file In a recent discussion on Hashcat forums (http://hashcat.net/forum/thread-2892.html) we discovered the algo behing IOS 7.02+ hashing of "Restrictons" PIN code. Until now it was in the clear, now it's pbkdf2-hmac-sha1 with 1000 iterations. From googling, it seems noone figured this out before. HashCat does not have any generic pbkdf2-hmac-sha1 format though, so it can't be used yet. I really thought we had one but we didn't! So I whipped one up and while I was at it, I wrote an "ios7tojohn.pl" tool to fetch and convert the hashes from a .plist. I haven't tested it except with snippets posted on forums. Since it's just a 4-digit PIN code the keyspace is really really tiny so it's a guaranteed crack in a split second. The problem is not the choice of algorithm: There's not much Apple can do about it except using password instead of PIN. The code is in latest bleeding tree: https://github.com/magnumripper/JohnTheRipper/tarball/bleeding-jumbo magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.