Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 Aug 2012 22:20:48 +0400
From: Aleksey Cherepanov <aleksey.4erepanov@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Is there any patch to crack MySQL Network auth?

On Wed, Aug 22, 2012 at 01:11:14PM -0500, Richard Miles wrote:
> Humm... anyone was able to crack a simple Mysql network authentication with
> this Dynamic feature? I tested with sha1($s.(sha1($p))) and no luck.

I guess you mean sha1($s.sha1(sha1($p))), i.e. double sha1 from
password, don't you?

> On Wed, Aug 22, 2012 at 12:06 PM, Aleksey Cherepanov <
> aleksey.4erepanov@...il.com> wrote:
> 
> > On Wed, Aug 22, 2012 at 07:48:10PM +0400, Vladimir Vorontsov wrote:
> > > Need to brute that:
> > > SHA1(salt + SHA1(SHA1($password)))
> >
> > I guess you could use dynamic for that (doc/DYNAMIC in jumbo).

-- 
Regards,
Aleksey Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.