Message-Id: <CE03C82B-B6F9-4E4E-87EB-B5BDB8B00E3D@gmail.com>
Date: Thu, 22 Jun 2017 12:16:11 -0700
From: B <dustythepath@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Any differences between Openwall.com versions and Github: dmg2john?

Thanks for the reply,

I was referring to john-1.8.0-jumbo available from openwall.com vs the community enhanced john-1.8.0-jumbo-1.

I had thought there were changes to the latest dmg format but cannot reference that, so
I will go ahead and run that test.

Bill


> On Jun 22, 2017, at 12:03 PM, Solar Designer <solar@...nwall.com> wrote:
> 
>> On Thu, Jun 22, 2017 at 08:01:27AM -0700, B B wrote:
>> So it occurs to me after getting my hash using the jumbo version on Openwall.com <http://openwall.com/>
> 
> "the jumbo version on Openwall.com" doesn't mean anything specific to
> me.  What jumbo version are you referring to?
> 
>> to get my dmg hash that the hash may be invalid with the latest changes to the format in Mac OS X Sierra.
> 
> I think not.  I've just checked, and there haven't been significant
> changes to dmg2john.c since 2014 (which is when 1.8.0-jumbo-1, which you
> might have used, was released).
> 
>> My question is: Is the version on the website updated for the Sierra dmg format?
> 
> I think it doesn't need to be, or if it does then the latest hasn't been
> updated either.
> 
>> I extracted the hash using dmg2john, not (py).
> 
> That's good, because a crucial fix was in fact made to dmg2john.py not
> so long ago:
> 
> | commit ab21a7440d072b3bc4b5e3264b2607a781f7bd01
> | Author: Dhiru Kholia <dhiru.kholia@...il.com>
> | Date:   Tue Mar 14 11:36:32 2017 +0530
> | 
> |     dmg2john.py: handle encrypted_blob_size with value 64 properly
> |     
> |     http://www.openwall.com/lists/john-dev/2016/06/10/1
> |     
> |     https://github.com/magnumripper/JohnTheRipper/issues/2151
> 
> dmg2john.c didn't suffer from this issue.
> 
>> In order for me to test for my query I would have to install the Github version to diff the first hash with the Github produced one, but would prefer to ask here as I have moved the operation to another computer.
> 
> I simply reviewed the dmg2john.c revision history.  Of course, changes
> in the rest of JtR could affect this program's behavior as well, but I
> think in this case such review is sufficient.
> 
> Regardless, ideally you'd generate a test .dmg file on Sierra and make
> sure you're able to crack its known password.
> 
> Alexander
