|
Message-ID: <00e001cd4439$9d0641b0$d712c510$@net> Date: Wed, 6 Jun 2012 18:10:49 -0500 From: "jfoug" <jfoug@....net> To: <john-users@...ts.openwall.com> Subject: RE: JtR to process the LinkedIn hash dump >From: Brad Tilley [mailto:brad@...ystems.com] >> The patches are found here: >> >> http://openwall.info/wiki/john/patches > >Thanks. That's working well in testing with the rockyou word list. You will note that 'most' of them that you crack will have 00000 as the first bytes of the hash (if you are using the rock-u words, and nothing more than 'rules' from JtR). This shows that whomever released this, that they are using 00000 as a 'already cracked' signature. To check to see if you have hashes which are 'not' already cracked (assuming you have a clean john.pot file, with ONLY these hashes in it), you can easily do: grep -v "26$00000" john.pot It will list any hashes that do not start with 5 0's (and the password of course). The lines that show from that grep will be like this: $dynamic_26$hash:pass (where hash does not start with 00000) Jim.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.