john-users - Re: What type of passwords does john crack?

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <263f59e00801251345n4f076c65xe7954b52fbeb48f@mail.gmail.com>
Date: Fri, 25 Jan 2008 16:45:07 -0500
From: "Steve ......" <lynx.9595@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: What type of passwords does john crack?

 hmm it appears all these passwords are 31 characters. I guess that
basically means john wont do anything with it?
actually I grabbed the code from which these "MD5" passwords are created
from..

// MD5 Encryption

function md5_hmac($data, $key)

{

if (strlen($key) > 64)

$key = pack('H*', md5($key));

$key = str_pad($key, 64, chr(0x00));

$k_ipad = $key ^ str_repeat(chr(0x36), 64);

$k_opad = $key ^ str_repeat(chr(0x5c), 64);

return md5($k_opad . pack('H*', md5($k_ipad . $data)));

}

appertenly it says there MD5's?!?!...

> > now I have to run john from /etc/john or I get an fopen: john.ini: No
> such
> > file or directory error. =/
> That's weird.  You must have done something wrong.

actually it appears to be a common problem on google. I reinstalled
everything including the latest jumbo patch and this problem still exists..
not a biggie though for me anyways, just letting you know this problem
exists.

> Also, it is a bad practice to unnecessarily do things as root.  "john"
> does not require root privileges.
>
I'd be delighted if something broke my box. then I wouldnt use it anymore.
;)

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.