Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 27 Nov 2012 13:01:30 +0400
From: Solar Designer <>
Subject: Re: Cracking MongoDB hashes with JtR

Hi Dhiru,

On Mon, Nov 26, 2012 at 10:26:15AM +0530, Dhiru Kholia wrote:
> Based on, I have
> written a JtR format to crack both MongoDB system as well as sniffed
> network hashes.

Cool!  I attended Mikhail's talk on attacking MongoDB at ZeroNights, and
indeed I immediately thought that we ought to support cracking those

> ??? ../run/john -fo:mongodb -t # Atom N270 CPU
> Benchmarking: MongoDB system / network MD5 [32/32]... DONE
> Raw:	813341 c/s real, 821556 c/s virtual
> I have written Ettercap plug-in to output sniffed MongoDB hashes in
> JtR compatible format (the original parser sucks, hope mine works).
> Link:

Does this have to be a custom JtR format?  Can't we have the Ettercap
plugin output lines usable with a dynamic format, perhaps it'd be one of
the pre-defined dynamic formats even?  It'd work a lot faster too (due
to SSE2+ intrinsics, which I guess your code is not using).

> In addition, the following Ettercap plug-in allows fixed salt MiTM
> attacks to be carried out against MongoDB authentication protocol.




Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.