Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 20 Oct 2015 21:44:07 +0200
From: magnum <>
Subject: Re: false positive for dmg?

On 2015-10-20 10:33, magnum wrote:
> On 2015-10-20 04:47, noir maru wrote:
>> using the latest bleeding jumbo on mavericks, i have a dmg that i have
>> been
>> bruteforcing in incremental mode with . i was surprised to see a
>> result so
>> soon.
>> the command i am using is
>> john password.hash -inc:LowerNum
>> however, when i try to open the dmg, it does not accept the password. i
>> have tested this build of john with many other encrypted dmg and it
>> always
>> gave the right password. but could this be a false positive?
> In order for me to possibly improve some algo, I'd need that file: Just
> the small file produced with dmg2john, if you dare sharing it.

I got a sample off-list and found out this was a tricky bug in the 
format, now fixed. This only affected DMG version 1.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.