|
Message-ID: <CANO7a6xcxwojXSCE+gEQ+_FRDxr_q-uZHp9PAHPzzMehDj4kJg@mail.gmail.com> Date: Tue, 10 Apr 2012 12:01:18 +0530 From: Dhiru Kholia <dhiru.kholia@...il.com> To: john-dev@...ts.openwall.com, john-users@...ts.openwall.com Subject: Re: [john-dev] Mac OS X keychains and FileVault On Mon, Apr 9, 2012 at 11:10 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote: > On Sat, Apr 7, 2012 at 5:53 PM, Solar Designer <solar@...nwall.com> wrote: >>> http://www.ucc.asn.au/~matt/src/ - extractkeychain-0.1.tar.gz > > I have implement a JtR plug-in for cracking Mac OS X Keychain > passwords based on extractkeychain-0.1. There is a bug in the current code which leads to large number of false positives. The problem is that only checking padding bytes is not enough to detect wrong passwords. Code to calculate and check HMACSHA1 check sum needs to be figured out and implemented to get rid of these false positives. extractkeychain-0.1 too does not implement this check. -- Cheers, Dhiru
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.