headers
websiteaccess-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org | 19 May 2013 18:05
Picon

md5(md5$pass).$salt)

Hi

 I use JTR latest compiled "macosx-x86-64" (Mac OS X 10.5+, Xcode 3.0+, 
x86-64 with SSE2 (best))

 I'm not sure JTRid able to handle hash with long salt (see below)

  hash = af26237e6ff340a0c8176f754ab8d7a5	      salt = 
wxcbHtMBqv,Pv*6.=)B$B`AR8FpME <at> 

I tried 	

$dynamic_1007$af26237e6ff340a0c8176f754ab8d7a5	
wxcbHtMBqv,Pv*6.=)B$B`AR8FpME <at> 
$dynamic_1007$af26237e6ff340a0c8176f754ab8d7a5$wxcbHtMBqv,Pv*6.=)B$B`AR8FpME <at> 
$dynamic_1007$af26237e6ff340a0c8176f754ab8d7a5:wxcbHtMBqv,Pv*6.=)B$B`AR8FpME <at> 

But each time I get 

 iMac-de-xxx:run xxxxxx$ ./john -w:dic.txt hashlist.txt 
-field-separator-char=" "
using field sep char '	' (0x09)
No password hashes loaded (see FAQ)

Any idea ?

 Thanks,
Permalink | Reply | 1 comment |
headers
Aleksey Cherepanov | 19 May 2013 14:02
Picon

invitation to john-users team for PHDays Hash Runner contest 23-24 May

John-users team will participate in PHDays Hash Runner contest again
(http://phdays.com/program/contests/#16299 ). The contest "will last
through the forum days", so I guess exact time is 23 May 2013 00:00
+0400 - 24 May 2013 23:59 +0400.

The team uses a server to collaborate during the contest. So every
user needs an user account there to participate. Ask me for that if
you want to participate as part of john-users team and you do not have
the account.

Everyone is welcome to participate! Though there are some limitation:
- you should have some basic skills or want to get them on your own
very fast before the contest. One intention of the contest is learning
so even with minimal skill you are appreciated to participate.
- we discourage usage of non-free software. If you want to participate
then forget about non-free crackers. Use only John the Ripper if in
doubt.

So if you want to participate send me a private mail with:
- preferred user name,
- public ssh key (get new key with 'ssh-keygen' command, read more on
internet about that).

Thanks!

--

-- 
Regards,
Aleksey Cherepanov
(Continue reading)

Permalink | Reply | 0 comments |
headers
Kyle Gray | 17 May 2013 00:52
Picon
Gravatar

Make issues with make clean macosx-x86-64-native

Hello,

I just downloaded the latest bleeding jumbo and I'm getting an error when attempting to make clean macosx-x86-64-native.

I've followed the instructions:

  1. Install Homebrew
  2. Install Homebrew's openssl and gcc
  3. From your base "john" directory:
	cp -avi src/osx_as_wrapper.sh /usr/local/bin/as
  4. Link whatever gcc version you got from Homebrew to just "gcc" in the
     /usr/local/bin directory. This example is for gcc-4.7:
        ln -s gcc-4.7 /usr/local/bin/gcc
  5. Make sure /usr/local/bin preceeds /usr/bin in your $PATH

And all seems good.

When I run make clean macosx-x86-64-native, I get the following errors:

gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -I/usr/local/include  
-DHAVE_GMP -DHAVE_KRB5    -DHAVE_CRYPT -march=native -Wno-deprecated-declarations
-funroll-loops gladman_pwd2key.c
/var/folders/n8/phvcf3kn2_356yp_fn9280qw0000gn/T//ccLd9HBH.s:40:2: error: invalid instruction
mnemonic 'vcvttsd2siq'
        vcvttsd2siq     %xmm3, %rsi
        ^~~~~~~~~~~
make[1]: *** [gladman_pwd2key.o] Error 1
make: *** [macosx-x86-64-native] Error 2

If necessary, here's the full log: 
(Continue reading)

Permalink | Reply | 8 comments |
headers
Matt Weir | 9 May 2013 19:57
Picon
Favicon

Cracking "Correct Horse Battery Staple" in JtR

I was wondering if there was a built in way to crack "random word"
passwords in JtR. For example Diceware generated passwords, or
http://xkcd.com/936/

In the past I've used a custom script combined with JtR's -stdin option to
combine words from a dictionary but it would be nice if there was a
ruleset, (I'm not sure if the Memory access rules could accomplish this),
or an external mode that could do this.

Thanks,
Matt
Permalink | Reply | 4 comments |
headers
Andrey Korolyov | 4 May 2013 13:11
Picon

JtR and SSH keys

Hello,

Is there planned work to include cracking ability on
password-protected ssh keys? Patch from here
http://marc.info/?l=john-dev&m=130613756016683&w=2 seems to not
recognizing even its own test keys, if applied to the 1.7.9.
Permalink | Reply | 1 comment |
headers
T E | 2 May 2013 20:29
Picon
Favicon

issues with mpirun

This is my first posting to this mailing list. Hi everyone! 

I do have some issues with mpirun to run JohnTheRipper on multiple cores. I have a cpu with 8 cores, and atm I'm
mainly interested in cracking raw-md5 passwords.
My system runs an ubuntu 12.04, and I tested the most recent JTR versions 1.7.9 jumbo 5 and jumbo 7. I modified
the Makefile in the src-folder in such a way that those lines necessary for mpi and omp are uncommented:

## For experimental MPI_Abort support, add -DJOHN_MPI_ABORT too.
CC = mpicc -DHAVE_MPI
MPIOBJ = john-mpi.o

OMPFLAGS =
# gcc with OpenMP
OMPFLAGS = -fopenmp
OMPFLAGS = -fopenmp -msse2

I compile with the flag "linux-x86-64", and there are no errors at compile-time. 

OMP works fine, as the results of the test-benchmarking indicate. However, as raw-md5 doesn't seem to be
supported by OMP by now, I tried to start  john using mpirun:

mpirun -n 4 ./john hash.txt

(mpirun --version
mpirun (Open MPI) 1.4.3

Report bugs to http://www.open-mpi.org/community/help/)

This is described at http://blog.thireus.com/john-the-ripped-steak-and-french-fries-with-salt-and-pepper-sauce-for-hungry-password-crackers
(Continue reading)

Permalink | Reply | 3 comments |
headers
jfoug | 27 Apr 2013 04:07
Picon

Fwd: 'close' to getting opencl working

I have hit magnum up with this (offlist), and am not getting things to work.  I thought I would bring this to the
entire list, and beg for knowledge ;)

I have a VirutualBox VM with 12.10 ubuntu x64.  I have given it 6 cores, 100%, with 2gb memory (I could up that if
needed). I just installed the latest CPU OpenCL version, from the intel site.  I have gotten a test box
OpenCL program working (was in my original post to magnum.  I can not get any tests or runs to see any OpenCL
devices. But the -list=opencl-devices does show it is installed.  Things built/linked perfectly.

Is there anyone out there that can help?   This is the first that I have installed or worked with any of the GPU
inside of JtR, so it is new to me.

Here is some output of the OpenCL build:

$ ../run/john -list=opencl-devices
Platform #0 name: Intel(R) OpenCL
Platform version: OpenCL 1.2 LINUX
	Device #0 (0) name:	Intel(R) Core(TM) i7-2600 CPU  <at>  3.40GHz
	Device vendor:		Intel(R) Corporation
	Device type:		CPU (LE)
	Device version:		OpenCL 1.2 (Build 56860)
	Driver version:		1.2
	Global Memory:		1.0 GB
	Global Memory Cache:	256.2 KB
	Local Memory:		32.0 KB (Global)
	Max memory alloc. size:	500.5 MB
	Max clock (MHz) :	3400
	Max Work Group Size:	1024
	Parallel compute cores:	6

$ ../run/john -device=0 -test=0
(Continue reading)

Permalink | Reply | 17 comments |
headers
Rich Rumble | 19 Apr 2013 22:31
Picon

ssha cpu format

Hmm I've just read it, ssha-256 and 512 are part of Crypt so Cygwin isn't
going to support it. I thought it was a open-cl format only but I think
from the search I just did that Salted SHA Ldap hashes won't work on
cygwin. Can someone confirm that for me, maybe I was missing a library, but
I don't think so :)
-rich
Permalink | Reply | 5 comments |
headers
Guth | 16 Apr 2013 11:02

l33t rules improvement

Hi,

While playing with wordlist, I realized that the default l33t rules in
john.conf are missing "frequent" patterns, mostly:

i -> 1
t -> 7

others (lower priority):
s -> 5
b -> 8
g -> 9

Here is my dirty/incomplete patch (for i->1 only), I'm not used to rules
reading/writing, so please advise/correct (add t->7, ... ?)
It's not extensively tested, so it should probably improved:

-[:c] l /[aeilos] s\0\p[43110$] (?\p1[za] \p1[:c]
-[:c] l /a /[eilos] sa4 s\0\p[3110$] (?\p1[za] \p1[:c]
-[:c] l /e /[ilos] se3 s\0\p[110$] (?\p1[za] \p1[:c]
-[:c] l /i /[los] se1 s\0\p[10$] (?\p1[za] \p1[:c]
-[:c] l /l /[os] sl1 s\0\p[0$] (?\p1[za] \p1[:c]
-[:c] l /o /s so0 ss$ (?\p1[za] \p1[:c]
-[:c] l /a /e /[ilos] sa4 se3 s\0\p[110$] (?\p1[za] \p1[:c]
-[:c] l /a /e /[los] sa4 se3 s\0\p[10$] (?\p1[za] \p1[:c]
-[:c] l /a /i /[los] sa4 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
-[:c] l /a /l /[os] sa4 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
-[:c] l /a /o /s sa4 so0 ss$ (?\p1[za] \p1[:c]
-[:c] l /e /i /[los] se3 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
-[:c] l /e /l /[os] se3 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
(Continue reading)

Permalink | Reply | 2 comments |
headers
Leif Sawyer | 12 Apr 2013 19:38
Favicon

Cisco ACS username: hash or crypt or.... and de-encoding?

I looked through the archives but didn't see anything related...

For Cisco ACS 5, in the CLI administration, a "repository" is defined for the system
to pull or push backups and patches.

Part of the repo definition is an optional username and password (for ftp, say),
and is defined thusly:

ACS(config)#  repository test-ftp
ACS(config-repository)#   user TestUser password plain abc123

which looks like this afterward:

ACS(config)# do sho run | include TestUser
  user Testuser password hash 0c5eadecc96d64ebe2b9e1d3b636d6053e3898bb

I noted that Cisco calls it a 'hash'  -- but since it needs to be cleartext for the ftp process to use it,
wouldn't this be a misnomer?

In any case,  here's a handful of different  passwords and hashes, in case somebody can
do something with it:
--------
Cisco ACS 5.3  repository passwords:

!  user password password plain password
  user password password hash e047fabda9d3659e8d95a73223324f85149e394f
!
!  user test password plain test
  user test password hash 97dc37c94236ec1b4c56871c2e482cbd6f56bd33
!
(Continue reading)

Permalink | Reply | 3 comments |
headers
Jeroen | 12 Apr 2013 18:29

Problem with keepass2john and KeePass 2.x kdbx

Hi list,

I've encountered a problem using keepass2john and a KeePass 2.x kdbx. This
is what I tried:

- Download portable KeePass, version used is 2.20.1 (KeePassLibC 1.24, KDBX
XML 2.20.1) and start it.
- Create a new database, master password = 'test, save and exit.
- Download (git clone) and compile the latest JtR from
<https://github.com/magnumripper/JohnTheRipper>.
- "./keepass2john NewDatabase.kdbx".

An error message is shown:
"! NewDatabase.kdbx : parsing failed, please open a bug if target is valid
KeepPass database."

I think that it's easy to reproduce the problem using the steps above.
However just to make sure I've attached the kbdx I've created. If additional
information is required please let me know! Thanks.

Cheers,

Jeroen
Attachment (NewDatabase.kdbx): application/octet-stream, 2078 bytes
Permalink | Reply | 2 comments |

Gmane