Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20130320155546.GA5788@debian>
Date: Wed, 20 Mar 2013 19:55:47 +0400
From: Aleksey Cherepanov <aleksey.4erepanov@...il.com>
To: john-users@...ts.openwall.com, Pass Words <usenetpass@...oo.com>
Subject: cracking RAR on Mac OS X (was: Re: help with Johnny GUI
 for OSX)

On Tue, Mar 19, 2013 at 03:24:27AM -0700, Pass Words wrote:
> Thank you for the response.   I am getting John to run (I see the list of commands)

Great! John prints its help message when invoked without options. The help
message contains list of commonly used options and some hints on them.

We don't need any options now but we need to tell the name of the rar
file to john. So let's append it to the command that invokes john. So
you need to enter a string like following one and then hit enter:
/path/to/john /path/to/file.rar

> I then drag the file, but I get Permission Denied.  I am logged in
> as admin, and I have set permissions on the rar files.
> 
> Any clues?

I guess that you entered only the file name as the second command so
the Terminal tried to execute it and failed because the rar file does
not have and should not have an execution permission. Please try to
drag john, drag file and only then hit enter.

And I realized it won't work anyway. It'll show:
"No password hashes loaded (see FAQ)"
It's my mistake. But we'll easily fix it.

John does not work with rar files directly. There is an additional
tool called rar2john. It reads rar file, extracts information for john
and prints this information to the standard output. Also it outputs
some info for you to the standard error. rar2john is in the same
directory as john. Do you have it?

Terminal has output redirection so we could put standard output into a
file easily just appending "> filename" to our command. Often files
with prepared hashes for john has .john
extension. So you should enter following in the Terminal:
/path/to/rar2john /path/to/file.rar > /path/to/filename.john

You already know how to input /path/to/rar2john and /path/to/file.rar
dragging files from Finder onto Terminal. But /path/to/filename.john
is another case because it does not yet exist.

You could use local path to enter /path/to/filename.john . For
instance, with "rar1.pw" you'll get a file with name "rar1.pw" in your
home directory. If you wish another location it may be easier to
create a file with any tool (for instance, text editor) in your
preferred location and then drag it onto the Terminal having the
beginning ("/path/to/rar2john /path/to/file.rar > ") already there.
Redirection with ">" will override the file with new content. Be
careful to not override useful file (especially if you work as admin).

As soon as you get /path/to/filename.john as described above you could
start cracking using john with following command:
/path/to/john /path/to/filename.john

Does john say it loaded a hash?

> Also will segmented Rar files work as well as single files?

I don't know. I hope someone else will tell us. Jim, magnum, Dhiru -
will you?

Thanks!

-- 
Regards,
Aleksey Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.