Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 10 Nov 2008 10:22:03 +0100
From: Simon Marechal <simon@...quise.net>
To: john-users@...ts.openwall.com
Subject: Re: MD5 cracking - finding out substring

JoHnY wrote:
> Hello all,
> 
> I have a problem which someone might be able to help me with.
> First let me explain what I am trying to acomplish.
> I have an MD5 hash of 52-character string (generated by PHP's md5() function), most of the string is known to me, the only parts of the string which are unknown and thus I am trying to find out, are just two substrings, one 4-character long substring at one position of the string and one 3-character long substring at another position (both positions are fixed), both substrings containing just numbers, so theoretically it's a very easy and quick job for john. 
> Now, what is the problem and what I want to find out.
> I have patched john with Raw-MD5 patch, compiled john, Raw-MD5 works fine. First question is, is Raw-MD5 correct for cracking MD5 from within PHP's md5() function? I assume it is, but just want to make sure.
> I have put the known part of the string to the wordlist (so it is the only string in the wordlist) and created a wordlist rule to insert digits at the position of the unknown parts of the string. The rule looks like this:
> li2[0-9]li3[0-9]li4[0-9]li5[0-9] li7[0-9]li8[0-9]li9[0-9]
> Everything would be fine up to this point, but the problem is that john somehow can't handle more than 32-character passwords (or the Raw-MD5 patch can't), so the 52-character long string gets cut I have tried to increase the PLAINTEXT_LENGTH define in rawMD5_fmt.c, but it didn't help. 
> However, what's strange to me, is that when I run john with --stdout option so that it only outputs all passwords to be tried to standard output, it prints the whole 52-character strings, but when I let him crack it, it cuts the passwords he tries to 32 bytes (when I abort john, it outputs the last tried password and it's cut to 32 characters)
> Does anyone know how what to change in john's sources to be able to try the string longer than 32 characters?

Hello,

	the raw-md5 is indeed the right patch. You might want to alter 
rawMD5_fmt.c, and change the PLAINTEXT_LENGTH parameter, then recompile.

However I believe it would be faster to do it in php, as there are only 
10^7 possibilities.

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.