Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 3 Sep 2014 05:42:54 +0400
From: Solar Designer <>
Subject: Re: Cracking HSRP MD5 authentication "hashes"

Hi Dhiru,

On Tue, Sep 02, 2014 at 09:47:43AM +0200, Dhiru Kholia wrote:
> I have added support for cracking HSRP MD5 authentication "hashes" to
> JtR-jumbo (in the bleeding-jumbo branch), which you can get from the
> following URL,
> $ python ../run/ HSRP-auth-md5-openwall.pcap > hsrp-hashes
> $ ../run/john hsrp-hashes -w=wordlist
> Loaded 5 password hashes with 5 different salts (hsrp, HSRP MD5 ...)
> openwall         (?)
> ...

Cool.  Thanks!

Can't you make this a "dynamic" mode, though?  This would both avoid the
need for a new C source file, and run faster (can use SIMD right away).

I just took a look at hsrp_fmt_plug.c and I think this could probably be
expressed in terms of Jim's existing dynamic formats interface.

As you have noticed, I almost always suggest this when you add a new
format that uses only MD5 or SHA-1.  Perhaps this is the approach you
should always start with, and only fall back to writing C code when the
dynamic approach fails?

Also, is missing a public domain statement and/or a license.
Actually, the same applies to some other *.py files you contributed.
Can you please apply the license terms from for the rest
of the Python scripts where you're the sole author as well?

> Sample .pcap files are available on the
> page. This repository also documents the reversing process for fun.

Nice.  Can you please also add these samples to:


<@WEareTROOPERS> @DhiruKholia @solardiz @digininja Once you have those hashes, you may put them to proper use with #Loki
<@solardiz> @WEareTROOPERS @DhiruKholia @digininja Also relevant:


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.