Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <21b36a1972f0d9264f954c347ddbe23e@smtp.hushmail.com>
Date: Sun, 04 Mar 2012 00:46:03 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: Problem with --subformat=dynamic_1

You make the exact same mistake as the previous poster: You should
separate the hash and the salt with a dollar sign, not a colon.

But there's another issue here too: For using a hex-encoded salt (as
opposed to an ascii string) you should prepend it with HEX$

To sum that up, I *think* it should be like this:

test:e4841b168d60f6293a9ab90f208d2c82b4b92ef3$HEX$a33eb49a781695273907ef4d3ed00ed6

but that's just off the top of my head.

magnum


On 03/03/2012 07:56 PM, pierzi wrote:
> Sorry for putting my question into Your conversation Gent's
> but i wanted to ask about sha1 with salt
> example:
> test:e4841b168d60f6293a9ab90f208d2c82b4b92ef3:a33eb49a781695273907ef4d3ed00ed6
> user:hash:salt
> so theoretically i should use dynamic_24 sha1($p.$s) am i right?
>> john-omp -format=dynamic -subformat=dynamic_24 test.txt
> No password hashes loaded (see FAQ)
> is what i get...
> Any tips with those hashes?
> best regards
> pierzi
> 
> 2012/3/3 magnum <john.magnum@...hmail.com>
> 
>> Are you using -format=dynamic_1 or -subformat=dynamic_1? It should be
>> the former nowadays (either that or the still supported but obsoleted
>> syntax using both: "-format=dynamic -subformat:dynamic_1")
>>
>> magnum
>>
>>
>> On 03/03/2012 07:02 PM, Joomla wrote:
>>> This doesn't work too :(
>>>
>>> Other options??
>>>
>>> On Sat, Mar 03, 2012 at 11:41:51AM -0600, jfoug wrote:
>>>> Replace:
>>>> admin:d5fedea70cf14c3191fc8e94fe4ca8b9:Y0g7Wx78AdpjIdZd
>>>> with
>>>> admin:d5fedea70cf14c3191fc8e94fe4ca8b9$Y0g7Wx78AdpjIdZd
>>>>
>>>> $ ./john -form=dynamic_1 -w=password.lst keys.txt
>>>> Loaded 1 password hash (dynamic_1: md5($p.$s)  (joomla)  [128x1
>> (MD5_Body)])
>>>> admin            (admin)
>>>> guesses: 1  time: 0:00:00:00 DONE (Sat Mar  3 11:40:47 2012)  c/s: 49898
>>>> trying: Winnie - engage
>>>> Use the "--show" option to display all of the cracked passwords reliably
>>>>
>>>>> From: Joomla [mailto:joomla@...-eu.org]
>>>>>
>>>>> I'm trying to use JTR to test my joomla users password strength but I
>>>>> couldn't.
>>>>>
>>>>> I'm using john 1.7.9 jumbo5 in Linux 64bits with this command
>>>>>
>>>>> john --subformat=dynamic_1 keys.txt
>>>>>
>>>>> and inside keys.txt this:
>>>>> admin:d5fedea70cf14c3191fc8e94fe4ca8b9:Y0g7Wx78AdpjIdZd
>>>>>
>>>>> but it doesn't work, I have tried in several ways but I obtain:
>>>>>
>>>>> No password hashes loaded (see FAQ)
>>>>>
>>>>> Which is the right format of keys.txt??
>>>>
>>>
>>
>>
>>
> 


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.