|
Message-ID: <54F978D1.6020406@gmail.com>
Date: Fri, 06 Mar 2015 10:52:17 +0100
From: Albert Veli <albert.veli@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Generic crypt(3)
Hi, you can't fuzz the hash. You have to guess a password and then use
the correct algorithm to translate it to a hash and finally compare if
the hashes are the same. That is basically what john does for you. But I
don't know if it is possible to somehow involve AFL in this process. Is it?
On 03/06/2015 10:28 AM, Kai Zhao wrote:
> Hi,
>
> I tried to crack my password with John the Ripper jumbo. There are two
> password
> , one is right-format and another one is changed by AFL(American Fuzzy
> Lop).
>
> right-format one: (there is one line)
>
> root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
> 3PPCNP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0:root:/root:/bin/bash
>
> changed one :(there is one line)
>
> root:$6$FrkHWlkw$m8p79w.oVQm8ZOmlC4BgHJgPBvfHVkmUdcSv5ayO5FcTE
> 3PP�NP8CV8NBemI6v3vO2hdNJ9mkilnSQHAmdbEe.:0:0::/root:/bin/bash
>
> The right-format one took a lot of time and I canceled. The changed
> one took a lot of time too. I think
> the changed one is wrong-format. Since there is a character "�" .
> crypt(3) man page shows that the
> format should be : "$id$salt$encrypted". Also the characters in "salt"
> and "encrypted" are draw from
> the set [a-zA-Z0-9./];
>
> However, john did not recognize the changed one as wrong-format and
> tried to crack it.
>
> My john is downloaded from: https://github.com/magnumripper/JohnTheRipper
>
> And my compile steps are: ./configure && make -sj8
>
> Is this a bug?
>
> Thank you in advance.
>
> --
> loverszhaokai
> motto:You got a dream and you gotta protect it.
> github:https://github.com/loverszhaokai
> blog:http://www.cnblogs.com/lovers/
Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.