|
Message-ID: <5912C602A0AC534CBCFF0AE6A5D2E23D70550F0E@JWPKEXMBX01.corp.checkfree.com> Date: Thu, 28 Aug 2014 15:18:45 +0000 From: "Williams, Jason (Lake Mary)" <Jason.Williams@...erv.com> To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com> Subject: RE: John not finding mscash2 passwords Well, you can disregard, I figured it out. Based on: http://webstersprodigy.net/2014/02/03/mscash-hash-primer-for-pentesters/ I needed to change the format of the username/hash to just username:hash. This worked. Thanks. Jason -----Original Message----- From: Williams, Jason (Lake Mary) [mailto:Jason.Williams@...erv.com] Sent: Thursday, August 28, 2014 10:13 AM To: john-users@...ts.openwall.com Subject: [john-users] John not finding mscash2 passwords I'm working on cracking mscash2 passwords that were recovered using cachedump in Metasploit, but it's not cracking the passwords. Initially I just assumed that I didn't have correct password in the wordlist, but then I tested it with my an account where I know the password, and John still will not crack it. When I ran cachedump, it puts the hashes in John the Ripper mscash2 format, which I copied that into a text file. I created a line separated wordlist file with various passwords, including the known passwords. Then ran john with: John -format=mscash2 -wordlist=./password.txt ./hashes.txt However, I get: 0g 0:00:00:00 DONE (2014-08-28 09:52) 0g/s 16.36p/s 65.45c/s 65.45C/s Session completed The hashes are loading, because it does give me: Loaded 4 password hashes with 4 different salts (mscash2, MS Cache Hash 2 (DCC2) [PBKDF2-SHA1 128/128 SSE2 4x]) I just did a fresh install/compile of the bleeding-jumbo git version on 64-bit Ubuntu. Any thoughts? Thanks Jason
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.