Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CANWtx02v1JB1PASZw3b0B+PSk4AgNtJ9ZC5h17EL1Hi36jkPjQ@mail.gmail.com>
Date: Mon, 19 Mar 2012 10:27:05 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: VNC Pcap's for cracking

On Mon, Mar 19, 2012 at 10:18 AM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> On Mon, Mar 19, 2012 at 7:46 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>> Hi Rich,
>>
>> Can you re-check the password for 07-vnc-openwall-3.7.pcap file?
>> "openwall" doesn't work. Using JtR and *new* vncpcap2john I was able
>> to crack all your .pcap files except 07-vnc-openwall-3.7.pcap file and
>> those using 3.3 protocol (TODO).
>
> Never mind. The password is "Password" for  07-vnc-openwall-3.7.pcap
> file (cracked by JtR itself!).
Very nice! Sorry about the mislabel, I was doing so much that day
I may have forgotten to reset it properly and or label it right. Great
test of the module though :)
I can't wait to see it in jumbo or the main branch!
And that reminds me of something... I may put in another
request for someone to look at M$ office passwords (file open). There
are a number of techniques out there for the older versions, office 2007
and above are using AES by default and not as weak as the 40-bit
cipher's in the default of the other versions. (a key exhaustion attack is
there as well, and there are rainbow tables for those keys)
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.