|
Message-ID: <00b201cd1f3e$9e174150$da45c3f0$@net> Date: Fri, 20 Apr 2012 16:43:25 -0500 From: "jfoug" <jfoug@....net> To: <john-users@...ts.openwall.com> Subject: RE: Re: Extract the cracked pass from John.pot >> $1$10407469$8SlB7veJpGYOpG.avnRgT.:7jeJCek5H3xi2 >> $1$HVL$YkjOda0UYVfukIa.neSJd0:7jeJCek5H3xi2 >> $1$PRN$PxPp5PQ7nz5kgpGmztuuj.:7jeJCek5H3xi2 >> >> Ouchhhh !! so that mean they are no DES but Plain cracked Pass !! >that's right ? > >Well it does seem so but I am yet to confirm them (maybe later). That >would be a freaking b@...rd of a plaintext to crack for crypt-md5 >though, you must have done something very right or you were extremely >lucky. Or something else :) Looks like conversion of some uninitialized pointer or something. NOTE, the 'pw' is exactly the same for every line. Looks very busted to me. This is why I added the code to the test suite, to rip the passwords OUT of the .pot file, and to re-run using them as the dictionary. This shows that the build of john can both properly crack the data, AND that it writes the proper data to the .pot file. But here, I am pretty sure, the cracked passwords are bogus. You might want to see if you can find them in the john.log file. Possibly it was written there correctly. Jim.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.