Date: Mon, 17 Jan 2022 23:58:09 -0300 From: Rodrigo s <rodrigozanattasilva@...il.com> To: john-users@...ts.openwall.com Subject: Re: Grammar for dynamic function ha!!! why not john -test -format:"dynamic=sha512($s.$p.$u)" !! Just change the user by salt... This is uggly, but works! Em seg., 17 de jan. de 2022 às 23:44, Rodrigo s < rodrigozanattasilva@...il.com> escreveu: > Ha... I get... > > I really try for hours to make it work. What I was doing wrong: > > - I read about the problem with $ in my Windows console. So I did > this: -form=dynamic="sha512($u.$p.$s)" and NOT > THIS -form="dynamic=sha512($u.$p.$s)"... PQP, VTNC (don't search this :) > - Because this didn't work, I thought it was the hash format. And it > was.. > > First a tip.. I really don't know how the hash format (to decrypt) was > made. Like, there is only one example that uses two salts and I see I need > to put something like "$salt1$$2salt2". Is this the correct way? A good > documentation help about it. (Or I just didn't find it?) > > Your example really works well.. But I discovered it was IMPOSSIBLE for my > case work. The problem is: the salt ir really big, so: > 'JRLuser:237....db17$TheSalt' -> This work > 'JRLuser:237....db17$TheSalt12345678901234567890123456' -> This > doesn't.. (Salt is bigger than 32character) > > I will never see it... So... the question is: > How to use Salt bigger than 32 characters? My salt is about 86 > characters. > > Then I tried this strategy: > > - john -test -format:"dynamic=sha512($u.$p.$s.$s.$s)" (works) > - This case mean the same salt 3 times or 3 different salt? Anyway > can't input the hash (user:hash$salt1$salt2$salt3) > - john -test -format:"dynamic=sha512($u.$p.$s.$s2)" (works) > - I got this error and didn't find it in any file: Error, trying to > link to $dynamic_6000$ using ciphertext=$dynamic_6000$6.... > - Do I declare the $dynamic_6000 in some place? > - john -test -format:"dynamic=sha512($u.$p.$s.$s2.$s3)" (don't) > - There is no $s3 > > So... Or I can input a big salt or I divide it in 3 parts because of the > 32 character limit. Can someone give me the answer? > > Is the 32 limit size for salt a bug? > > Em seg., 17 de jan. de 2022 às 17:45, magnum <magnumripper@...hmail.com> > escreveu: > >> On 2022-01-17 17:42, Rodrigo s wrote: >> > What I am trying to do is this function: >> > *sha512($u.$p.$s)* >> >> The easy way is to use the "dynamic ad-hoc" (or dynamic compiler) format >> because you can use that literal formula you wrote above, like this: >> >> $ ./john -test -format:'dynamic=sha512($u.$p.$s)' >> Benchmarking: dynamic=sha512($u.$p.$s) [256/256 AVX2 4x]... DONE >> Many salts: 5278K c/s real, 5278K c/s virtual >> Only one salt: 4710K c/s real, 4710K c/s virtual >> >> Please note that you need hyphens around the formula so your shell >> doesn't act up with the dollar signs. >> >> The input format is: >> >> user:<hex hash>$<salt> >> >> So here's a hash with username "JRLuser", salt "TheSalt" and a password >> of "magnum": >> >> echo > test.in >> 'JRLuser:23750433e3685f544c02884cd622570f3d73b359be7dc5d9d5e87c3e394fc53f16dfad34d02680f24d99036aba63014be1343fe60e5391d8366d7be7b432db17$TheSalt' >> >> $ ./john -format:'dynamic=sha512($u.$p.$s)' test.in >> Using default input encoding: UTF-8 >> Loaded 1 password hash (dynamic=sha512($u.$p.$s) [256/256 AVX2 4x]) >> Warning: no OpenMP support for this hash type, consider --fork=16 >> Proceeding with single, rules:Single >> Press 'q' or Ctrl-C to abort, almost any other key for status >> Almost done: Processing the remaining buffered candidate passwords, if >> any. >> Proceeding with wordlist:./password.lst >> magnum (JRLuser) >> 1g 0:00:00:00 DONE 2/3 (2022-01-17 21:39) 100.0g/s 2137Kp/s 2137Kc/s >> 2137KC/s 123456..Geronimo >> No remaining hashes >> Use the "--show --format=dynamic=sha512($u.$p.$s)" options to display >> all of the cracked passwords reliably >> Session completed. >> >> >> In case you need/want to put the salt in hex, use HEX$ like this: >> >> user:<hex hash>$HEX$<hex salt> >> >> Hope this helps. >> >> magnum >> >>
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.