Date: Thu, 22 Jun 2017 21:03:16 +0200 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Any differences between Openwall.com versions and Github: dmg2john? On Thu, Jun 22, 2017 at 08:01:27AM -0700, B B wrote: > So it occurs to me after getting my hash using the jumbo version on Openwall.com <http://openwall.com/> "the jumbo version on Openwall.com" doesn't mean anything specific to me. What jumbo version are you referring to? > to get my dmg hash that the hash may be invalid with the latest changes to the format in Mac OS X Sierra. I think not. I've just checked, and there haven't been significant changes to dmg2john.c since 2014 (which is when 1.8.0-jumbo-1, which you might have used, was released). > My question is: Is the version on the website updated for the Sierra dmg format? I think it doesn't need to be, or if it does then the latest hasn't been updated either. > I extracted the hash using dmg2john, not (py). That's good, because a crucial fix was in fact made to dmg2john.py not so long ago: | commit ab21a7440d072b3bc4b5e3264b2607a781f7bd01 | Author: Dhiru Kholia <dhiru.kholia@...il.com> | Date: Tue Mar 14 11:36:32 2017 +0530 | | dmg2john.py: handle encrypted_blob_size with value 64 properly | | http://www.openwall.com/lists/john-dev/2016/06/10/1 | | https://github.com/magnumripper/JohnTheRipper/issues/2151 dmg2john.c didn't suffer from this issue. > In order for me to test for my query I would have to install the Github version to diff the first hash with the Github produced one, but would prefer to ask here as I have moved the operation to another computer. I simply reviewed the dmg2john.c revision history. Of course, changes in the rest of JtR could affect this program's behavior as well, but I think in this case such review is sufficient. Regardless, ideally you'd generate a test .dmg file on Sierra and make sure you're able to crack its known password. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.