Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 17 Mar 2012 19:35:29 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Re: Cracking RACF passwords

On Sat, Mar 17, 2012 at 1:11 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> On Wed, Mar 14, 2012 at 9:49 AM, Main Framed <mainframed767@...il.com> wrote:
>> Also, most mainframe implementations don't require mixed case and there's
>> only three special chars ($, @ and #). On top of that, the basic mainframe
>> "shell" called TSO doesn't support passwords longer than 7. So basically if
>> you're cracking a RACF database start with characters A - Z, 0 - 9, #, @, $
>> with a max length of 7 characters.
>
> I see CRACF and JtR showing cracked passwords with length 8. So is the
> max length 7 or it is 8?
> I am not familiar with RULES and creating custom chr files. What
> should I do in order to crack RACF password with above mentioned
> limitations with JtR? Thanks!

I started with a fresh john.pot with a single line
":ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789#@$" in it. I then created a
charset with "./john --make-charset:racf.chr" and added a incremental
mode in john.conf.

[Incremental:RACF]
File = $JOHN/racf.chr
MinLen = 0
MaxLen = 8
CharCount = 39

I am running john as "john -i=racf racfudmp" and so far, I am seeing
good progress :-). Is this all I need to do?

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.