Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <2bf8ff003ec2e5d46557dc482b76205d@smtp.hushmail.com>
Date: Sat, 8 Sep 2012 14:24:50 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Cracking Mountain Lion hashes (WIP)

On 8 Sep, 2012, at 13:38 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:

> On Sat, Sep 8, 2012 at 12:08 AM, Lukas Odzioba <lukas.odzioba@...il.com> wrote:
>> 2012/9/7 Dhiru Kholia <dhiru.kholia@...il.com>:
>>>> Now we have test vector so making patch for it will be easy.
>>>> I'll send it within an hour. Hopefully JtR will be first 10.8 password cracker:)
>>> 
>>> Cool. Let me know if you need more test vectors. I can generate them tomorrow.
>> 
>> Can you make changes to ml2john.py so it will out ciphertext
>> exctracted from shadowhash field?
> 
> Done. ml2john.py is now committed to magnum-jumbo.

I think ml2john.py (and agilekc2john.py too) should be chmod 755. On the other hand, when I did so and ran it (under OSX) using just ../run/ml2john.py, it failed: I had to use "python2.7 ../run/ml2john.py luser.plist". This works fine on native OSX.

For new formats it's always a good idea to verify how non-ascii characters are handled. In this case I presume it is UTF-8. Here is a test-vector:

$ml$37174$ef768765ba15907760b71789fe62436e3584dfadbbf1eb8bf98673b60ff4e12b$294d42f6e0c3a93d598340bfb256efd630b53f32173c2b0d278eafab3753c10ec57b7d66e0fa79be3b80b3693e515cdd06e9e9d26d665b830159dcae152ad156

Password is müller (muller but with an u-umlaut as second character). BTW I notice I got a higher iterations count than what you posted.

For source-code encoding safety, it should be declared like this in the format:

	{"$ml$37174$ef768765ba15907760b71789fe62436e3584dfadbbf1eb8bf98673b60ff4e12b$294d42f6e0c3a93d598340bfb256efd630b53f32173c2b0d278eafab3753c10ec57b7d66e0fa79be3b80b3693e515cdd06e9e9d26d665b830159dcae152ad156", "m\xC3\xBCller"},

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.