Date: Tue, 20 Oct 2015 21:44:07 +0200 From: magnum <john.magnum@...hmail.com> To: john-users@...ts.openwall.com Subject: Re: false positive for dmg? On 2015-10-20 10:33, magnum wrote: > On 2015-10-20 04:47, noir maru wrote: >> using the latest bleeding jumbo on mavericks, i have a dmg that i have >> been >> bruteforcing in incremental mode with . i was surprised to see a >> result so >> soon. >> the command i am using is >> john password.hash -inc:LowerNum >> >> however, when i try to open the dmg, it does not accept the password. i >> have tested this build of john with many other encrypted dmg and it >> always >> gave the right password. but could this be a false positive? > > In order for me to possibly improve some algo, I'd need that file: Just > the small file produced with dmg2john, if you dare sharing it. I got a sample off-list and found out this was a tricky bug in the format, now fixed. This only affected DMG version 1. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.