[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHFR4j4EaUfDWxuc1SDmPA8XaxrWJQO2FNcj_dU4O_XyAkehkA@mail.gmail.com>
Date: Thu, 7 Jun 2012 15:44:12 +0400
From: "Elijah [W&P]" <smarteam.support@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: JtR to process the LinkedIn hash dump
interesting findings from the internet:
grep `echo -n l1nked0ut | shasum | cut -c6-40` combo_not.txt
000000afef5f2ba94b104126d04db1837f423816
e7bf10afef5f2ba94b104126d04db1837f423816
so it is very likely that there are hashes listed both in their original
state and with zeroes
$ cat combo_not.txt |cut -c7-40 |sort |dups |wc -l
670781
and those couples occupy around 10% of the file
my guess there were at least two cracking attempts made (by the same person
or by different people) and after that the results were combined and
deduped (but the 00000-modification was made before combining what lead to
this situation)
On 7 June 2012 11:33, Frank Dittrich <frank_dittrich@...mail.com> wrote:
> On 06/07/2012 09:30 AM, Frank Dittrich wrote:
> > Even the rockyou list without any mangling rules cracked 93 hashes out
> > of those not beginning with '00000'.
> > This suggests, that prior to releasing the uncracked hashes, just
> > ascii-only rainbow tables have been used.
>
> I forgot to mention that those 93 passwords contained non-ascii characters.
>
> Frank
>
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
