Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 5 Nov 2009 21:35:39 +0300
From: Solar Designer <>
Subject: Re: "No password hashes loaded" on Ubuntu 9.04

A couple of months ago, I posted the following:

> This patch implements generic crypt(3) support.  That is, if the
> Unix-like system you run JtR on supports your desired crypt(3) hash type
> natively, then JtR with this patch applied will also support that hash
> type (albeit non-optimally).
> Right now, the switch statement in salt() is missing proper checks/code
> for the "SHA-crypt" flavors, which means that JtR won't detect matching
> salts for this hash type (and won't take advantage of them for faster
> processing).  (BTW, a related idea is to auto-detect the salt size -
> slow but possible.)  Yet JtR with this patch applied should be able to
> crack weak "SHA-crypt" hashed passwords when running on a proper system.
> Please test.

The full posting (including the patch) is at:

Additionally, I've since added the patch to:

This is john- - generic crypt(3) support.

No one has followed up on my posting in here (bad!), but surprisingly
there's a "video response" on YouTube:

This video shows that the patch does in fact work on recent Ubuntu,
cracking "SHA-crypt" hashes. :-)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.