|
Message-ID: <CAH8ereg1YthJTTXW=1LpcWr5bkg6AtHKjPNMGFy9gBsgiHZNLw@mail.gmail.com> Date: Mon, 17 Jan 2022 23:44:11 -0300 From: Rodrigo s <rodrigozanattasilva@...il.com> To: john-users@...ts.openwall.com Subject: Re: Grammar for dynamic function Ha... I get... I really try for hours to make it work. What I was doing wrong: - I read about the problem with $ in my Windows console. So I did this: -form=dynamic="sha512($u.$p.$s)" and NOT THIS -form="dynamic=sha512($u.$p.$s)"... PQP, VTNC (don't search this :) - Because this didn't work, I thought it was the hash format. And it was.. First a tip.. I really don't know how the hash format (to decrypt) was made. Like, there is only one example that uses two salts and I see I need to put something like "$salt1$$2salt2". Is this the correct way? A good documentation help about it. (Or I just didn't find it?) Your example really works well.. But I discovered it was IMPOSSIBLE for my case work. The problem is: the salt ir really big, so: 'JRLuser:237....db17$TheSalt' -> This work 'JRLuser:237....db17$TheSalt12345678901234567890123456' -> This doesn't.. (Salt is bigger than 32character) I will never see it... So... the question is: How to use Salt bigger than 32 characters? My salt is about 86 characters. Then I tried this strategy: - john -test -format:"dynamic=sha512($u.$p.$s.$s.$s)" (works) - This case mean the same salt 3 times or 3 different salt? Anyway can't input the hash (user:hash$salt1$salt2$salt3) - john -test -format:"dynamic=sha512($u.$p.$s.$s2)" (works) - I got this error and didn't find it in any file: Error, trying to link to $dynamic_6000$ using ciphertext=$dynamic_6000$6.... - Do I declare the $dynamic_6000 in some place? - john -test -format:"dynamic=sha512($u.$p.$s.$s2.$s3)" (don't) - There is no $s3 So... Or I can input a big salt or I divide it in 3 parts because of the 32 character limit. Can someone give me the answer? Is the 32 limit size for salt a bug? Em seg., 17 de jan. de 2022 às 17:45, magnum <magnumripper@...hmail.com> escreveu: > On 2022-01-17 17:42, Rodrigo s wrote: > > What I am trying to do is this function: > > *sha512($u.$p.$s)* > > The easy way is to use the "dynamic ad-hoc" (or dynamic compiler) format > because you can use that literal formula you wrote above, like this: > > $ ./john -test -format:'dynamic=sha512($u.$p.$s)' > Benchmarking: dynamic=sha512($u.$p.$s) [256/256 AVX2 4x]... DONE > Many salts: 5278K c/s real, 5278K c/s virtual > Only one salt: 4710K c/s real, 4710K c/s virtual > > Please note that you need hyphens around the formula so your shell > doesn't act up with the dollar signs. > > The input format is: > > user:<hex hash>$<salt> > > So here's a hash with username "JRLuser", salt "TheSalt" and a password > of "magnum": > > echo > test.in > 'JRLuser:23750433e3685f544c02884cd622570f3d73b359be7dc5d9d5e87c3e394fc53f16dfad34d02680f24d99036aba63014be1343fe60e5391d8366d7be7b432db17$TheSalt' > > $ ./john -format:'dynamic=sha512($u.$p.$s)' test.in > Using default input encoding: UTF-8 > Loaded 1 password hash (dynamic=sha512($u.$p.$s) [256/256 AVX2 4x]) > Warning: no OpenMP support for this hash type, consider --fork=16 > Proceeding with single, rules:Single > Press 'q' or Ctrl-C to abort, almost any other key for status > Almost done: Processing the remaining buffered candidate passwords, if any. > Proceeding with wordlist:./password.lst > magnum (JRLuser) > 1g 0:00:00:00 DONE 2/3 (2022-01-17 21:39) 100.0g/s 2137Kp/s 2137Kc/s > 2137KC/s 123456..Geronimo > No remaining hashes > Use the "--show --format=dynamic=sha512($u.$p.$s)" options to display > all of the cracked passwords reliably > Session completed. > > > In case you need/want to put the salt in hex, use HEX$ like this: > > user:<hex hash>$HEX$<hex salt> > > Hope this helps. > > magnum > >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.