Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAFwrDAuhd6L5K8pP1JyVPdhz2j5m1QK9gmGOX58rw01O6YWQAQ@mail.gmail.com>
Date: Sat, 16 Apr 2016 11:21:58 +0200
From: Davy Douhine <ddouhine@...il.com>
To: john-users@...ts.openwall.com
Subject: Add JBoss hash format

Hi there,

I'm writing here on the advice of Solar Designer to propose to add JBoss
hash format to JtR.

Hash format is:
username=HEX( MD5( username ':' realm ':' password))

Example (user/test):
root@...i:~/ts/jboss-as-7.1.1.Final/bin# ./add-user.sh
(...)
Realm (ManagementRealm) :
Username : user
(...)
root@...i:~/ts/jboss-as-7.1.1.Final/bin# last
../standalone/configuration/mgmt-users.properties
user=1c3470194afdc84b90a0781c5e4462fc

>>> import hashlib; md5sum =
hashlib.md5("user:ManagementRealm:test").hexdigest(); print md5sum
1c3470194afdc84b90a0781c5e4462fc

This format definition seems to work for JBoss AS7 and JBoss EAP6.4 (not
tested with EAP7):
[List.Generic:dynamic_1591]
Expression=md5($u:ManagementRealm:$p)
CONST1=:ManagementRealm:
Flag=MGF_USERNAME
Flag=MGF_NOTSSE2Safe
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_userid
Func=DynamicFunc__append_input1_from_CONST1
Func=DynamicFunc__append_keys
Func=DynamicFunc__crypt_md5
Test=$dynamic_1591$1c3470194afdc84b90a0781c5e4462fc:test:user

root@...i:/opt/bleeding-jumbo/JohnTheRipper/run# ./john
--format=dynamic_1591 bibi
Using default input encoding: UTF-8
Loaded 1 password hash (dynamic_1591 [md5($u:ManagementRealm:$p) 32/64 x2
(MD5_body)])
Warning: no OpenMP support for this hash type, consider --fork=8
Press 'q' or Ctrl-C to abort, almost any other key for status
password         (davy)

MGF_NOTSSE2Safe has been added by Francois Pesce (@JokFP) but Solar
Designer doesn't think it is necessary.
I don't have my cracking computer at the moment so I can't test again but I
remember that it wasn't working without this option.

For those who have one, have a nice weekend !

Davy

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.