Message-ID: <20101106140601.GA4230@openwall.com>
Date: Sat, 6 Nov 2010 17:06:01 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: which john & options to use for Mac OS X 10.4+ salted SHA-1 using OSX 10.6?

William,

On Fri, Nov 05, 2010 at 06:05:21PM -0700, William wrote:
> 1. You're right: the .iso has the same password as the account I was using that I used the unshadow on,

You mean you used xpwdump? unshadow does not support OS X shadow files.

> so I have the .iso, but the account has since been deleted, so it's from the account, but I need the pw for the .iso.

Just how is this .iso password protected? This sounds weird to me.
Maybe you mean something different, like a .dmg?

> 2.
> When I loaded it onto the MacMini, I had to dl Rosetta...
> There was no error message, it just said "need to download Rosetta ok/no" so I hit "ok" and it did.

OK, thanks for the info. We'll keep this in mind in case more people
report the problem or we manage to reproduce it ourselves.

Is it possible that you ran the "john_G3" program instead of or in
addition to just "john"? If so, it's obvious that "john_G3" would
require Rosetta, but you should not be using "john_G3" on a modern Mac.

> 3. I tried "./john" on the 1.7.6 with no luck, ...

Are you sure you were in the "run" directory when you did that?

Another thing to check is file permissions - use "chmod +x john" to make
sure the file has executable permissions. (It does in the ZIP archive,
but maybe that was lost when you extracted - depending on how you did
that.)

> 4. The pw was 6 or 7 characters, all lower case, with either two or four numbers and one punctuation, either a * or a !, I can't remember which.

This sounds crackable, but you may need to focus the attack (based on
the info above) to get the password cracked sooner rather than later.

Do you imply that the password started with letters, which were followed
by digits, and finally by a punctuation character? Or are these
different kinds of characters possibly mixed in arbitrary order? This
makes a lot of a difference. If you post more specific and
non-ambiguous info (and also some examples of what the password could
and could not be), I might be able to provide instructions to have JtR
focus on just the desired patterns.

> I actually created the pw to be uncrackable, so perhaps I did too good a job.

Not quite. Perhaps you're not focusing the attack enough, or maybe
you're attacking a hash of a different password.

Alexander