Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20100517220909.GA9010@openwall.com>
Date: Tue, 18 May 2010 02:09:09 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: MediaWiki password hashes

On Sat, May 15, 2010 at 11:32:30PM -0700, Dan Tentler wrote:
> http://www.mediawiki.org/wiki/Manual_talk:User_table#.22B.22_type_password_.28current_default.29
> 
> The "b style" password hashes.

It turns out that JtR with the jumbo patch is readily capable of
cracking these hashes, due to JimF's "generic MD5" code.  Here's how the
input file should be formatted for this to work:

$ cat pw-mw 
user:md5_gen(9)e4ab7024509eef084cdabd03d8b2972c$838c83e1-

This uses the sample hash from the MediaWiki web page above.

John the Ripper 1.7.5-jumbo-3 cracks this as follows:

$ ./john pw-mw
Loaded 1 password hash ( md5_gen(9): md5($s.md5($p))  [md5-gen MMX 32x2])
password         (user)
guesses: 1  time: 0:00:00:00 100.00% (2) (ETA: Tue May 18 02:01:00 2010)  c/s: 27533  trying: 12345 - falcon
$ ./john --show pw-mw 
user:password

1 password hash cracked, 0 left

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.