Message-ID: <4A3361CB.5030100@telecom.ece.ntua.gr> Date: Sat, 13 Jun 2009 11:22:35 +0300 From: "Antonios F. Atlasis" User-Agent: Thunderbird 2.0.0.21 (X11/20090320) MIME-Version: 1.0 To: john-users@lists.openwall.com Subject: Re: [john-users] cracking MD5 hashes more than 8 characters long with a dictionary References: <4A334DDF.1080602@telecom.ece.ntua.gr> <20090613074856.GA3713@openwall.com> In-Reply-To: <20090613074856.GA3713@openwall.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Dear Alexander, thanks a lot for your very quick response! checking (counting) the precise length of these passwords, this is exactly 16 characters. Hence, I suppose this is due to the limitation that you mentioned concerning the MD5, right? A limitation that obviously does not exist in Blowfish implementation, I guess. Is there any work-around on this? Thanks again Antonios Solar Designer wrote: > On Sat, Jun 13, 2009 at 09:57:35AM +0300, Antonios F. Atlasis wrote: > >> I tried to use John 1.7.3-1 Pro against a shadow file with MD5 (FreeBSD) >> hashes. This shadow contains some hashes that are longer than >> 8-characters. I create a custom wordlist, that contains the actual >> passwords included in this shadow. When I try to crack this shadow >> using this custom wordlist, it cracks the passwords whose length is 8 >> characters or less, but not the ones whose length is more than 8 >> characters (although I feed the wordlist with the correct passwords) >> > > That's weird. Those passwords should be getting cracked, assuming that > they're not longer than 15 characters (a limitation of the current > implementation of MD5-based crypt hashes in JtR). > > I suggest that you post a sample line from your shadow file and the > corresponding plaintext password (the way you set it). Obviously, reset > the password on the real account before you post this info. > > >> Using exactly the same passwords and wordlist against a Blowfish shadow, >> John successfully cracks all the passwords, even the ones whose length >> is more than 8-characters. >> > > Indeed, and this should be working for the MD5-based hashes too. > > >> I tried to change maxlength of john.conf to 16, but this didn't hep me. >> > > The MaxLen setting is for "incremental" mode only, not wordlist. > > Alexander > >