Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190129155227.GA25224@openwall.com>
Date: Tue, 29 Jan 2019 16:52:27 +0100
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: DMG file password cracking

On Mon, Jan 28, 2019 at 05:53:35PM -0600, Morgan Woodward wrote:
> Does this give you access to the actual files?

Who do you refer to by "you"?

I did not suggest that you'd share any files with anyone.  I merely
suggested that you try and get things working in this basic way, and
then return to this community with more information on what your
password may or may not be, to receive further guidance.

That said, you could also choose to share your "file.txt" with the
community, which might reveal your filesystem properties but not actual
contents of your encrypted files.

If you were referring to yourself, then the way you get access to the
actual files is through having cracked the password first.  You'd use
this password in the usual way to access the files on your Mac.  JtR
won't directly let you access the files - it will merely give you the
password (if the attack is successful).

> On Wed, Jan 9, 2019 at 3:36 PM Solar Designer <solar@...nwall.com> wrote:
> > You can try one of the community-contributed builds of JtR for macOS:
> >
> > https://download.openwall.net/pub/projects/john/contrib/macosx/
> >
> > On newer hardware, use the "avx2" version.  If it tells you "Sorry, AVX2
> > is required for this build", then use the "sse4" version found nearby.
> >
> > You'll need to first use the dmg2john program on your .dmg file,
> > redirecting this program's output to a text file, like this in a
> > Terminal after cd'ing to the "run" directory:
> >
> > ./dmg2john /path/to/file.dmg > file.txt
> >
> > Then use JtR itself on the resulting file, like this:
> >
> > ./john file.txt
> >
> > Once you confirm you got this working, the community in here will help
> > you focus the attack based on whatever you recall about the password.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.