Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <50DE6871.7080804@gmail.com>
Date: Sat, 29 Dec 2012 09:20:09 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: pwsafe2john - How to use this program, preferably
 in Windows or in Linux if Windows is a no-go?

On Saturday 29 December 2012 06:31 AM, John Hall wrote:
> 1. I tried the following under Ubuntu (running in a VM on Win 7):
> git clone git://github.com/magnumripper/magnum-jumbo

You should be using https://github.com/magnumripper/JohnTheRipper
> gcc pwsafe2john.c -o pwsafe2john  # from src/ folder
> That complained that there was an undefined reference to 'main'
>
> So I changed the pwsafe2john name in the pwsafe2john.c file to main
> Then recompiled with no errors (not sure this was the right 'fix')
Just building john itself is enough to build "pwsafe2john" program which 
gets put in "run" sub-folder.

> Then ran
>     ./pwsafe2john pwsafe.psafe3 > pwsafedump
>
> That complained "Couldn't find PWS3 magic string. Is this a Password Safe file?"
>
> Well it is a Password Safe file, but from a Windows environment, not sure if that matters.
>
> Using UltraEdit on the pwsafe.psafe3 file, it shows the first 4 characters as PWS3. So I think the file is the correct one.

This one is a puzzling. I just tested pwsafe2john with samples 
downloaded from http://openwall.info/wiki/john/sample-non-hashes and it 
works fine. The samples were mostly generated on M$ Windows.

Can you try running pwsafe2john on files inside 
http://openwall.info/wiki/_media/john/Sample-Password-Safe-Safes.tar 
archive?

> So I am a bit of a fish out of water on this program.
>
> Any suggestions on how to successfully extract the hash from the pwsafe.psafe3 file so I can feed it to JTR to try to crack?

No worries. After some debugging and patching it will work :-)

- Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.