Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 29 Aug 2012 09:42:03 -0500
From: Richard Miles <richard.k.miles@...glemail.com>
To: john-users@...ts.openwall.com
Subject: Re: Is there any patch to crack MySQL Network auth?

Hi Dhiru,

It's an awesome work! Congrats!

I'm not sure if I understood the input format, can you please give a
practical example? Should I replace this example  with : ?
$mysqlna$challenge*hash

Such as:

user:challange:hash ?

Also, any special requirement to build this magnum-jumbo at MacOSX? Or is
it like in any Linux box?

Thanks


On Sat, Aug 25, 2012 at 10:02 AM, Dhiru Kholia <dhiru.kholia@...il.com>wrote:

> On Wed, Aug 22, 2012 at 9:02 PM, Richard Miles
> <richard.k.miles@...glemail.com> wrote:
> > I have a few MySQL network authentication hashes (SHA1 + challenge), but
> I
> > can't find a option to crack it with John. There is a patch (even if
> > unofficial) to crack it?
>
> Hi,
>
> I have added support for cracking MySQL network authentication hashes
> to JtR. Use latest code from
> https://github.com/magnumripper/magnum-jumbo
>
> ✗ ../run/john -fo:mysqlna -t
> Benchmarking: MySQL Network Authentication SHA1 [32/64]... DONE
> Raw:    1492K c/s real, 1492K c/s virtual
>
> However, I could not find a open-source software for obtaining
> "challenge + hash" from a network capture. I had to use Cain & Abel.
>
> Input Format: $mysqlna$challenge*hash
>
> --
> Cheers,
> Dhiru
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.