|
Message-ID: <CAJ9ii1FAQ2MfCn1Siruso+vgkgqarg1sp1S3sw-yTQVyo5mtMg@mail.gmail.com> Date: Thu, 16 Aug 2012 10:28:00 -0400 From: Matt Weir <cweir@...edu> To: john-dev@...ts.openwall.com Subject: Cracking Gauss using dynamic Hey all, A new piece of malware called Gauss is floating around that has an encrypted payload. A description of it, along with a request to help crack it, can be found at the following link: https://www.securelist.com/en/blog/208193781/The_Mystery_of_the_Encrypted_Gauss_Payload Considering this is such a high profile instance, I figured it would be cool if JtR had the ability to perform cracking attacks against it. A brief overview of the hashing algorithm is: 10k_md5(md5(path.file.salt)) I figure the path + file combinations would probably best to be generated via rules or an external script and piped into JtR using -stdin. Now this would be fairly easy to do with the dynamic format, except for the fact that it requires 10 thousand rounds of md5. Is there an easy way to do large numbers of iterations using dynamic that I'm just not seeing in the documentation? I figure worth comes to worse I can just create a script that will build a dynamic format with 10k rounds in it but I was wondering if there was a cleaner way? Thanks! Matt
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.