Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20230603090053.GA29596@openwall.com>
Date: Sat, 3 Jun 2023 11:00:53 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: "No hashes found" when argon2id is present?

Hi,

As a moderator, I reluctantly accepted the below obviously LLM-generated
posting just to illustrate problems with LLM-generated answers in this
context.  However, please don't post more LLM-generated answers in here.

On Sat, Jun 03, 2023 at 01:29:10PM +0530, Aben Sojan wrote:
> As of my knowledge cutoff in September 2021, John the Ripper did not have
> built-in support for the argon2id hashing algorithm. However, it's possible
> that there have been updates or third-party patches since then that add
> support for argon2id hashes.
> 
> To address the issue, you can try the following steps:
> 
> 1. Ensure you have the latest version of John the Ripper installed. Check
> the official website or relevant forums for any updates or patches that may
> have added support for argon2id.
> 
> 2. Look for community-developed patches or extensions that add argon2id
> support to John the Ripper. These can often be found on forums, GitHub
> repositories, or other community-driven platforms. Search for "argon2id
> patch for John the Ripper" or similar keywords to find relevant resources.

I have no knowledge cut-off date, and to my knowledge no such updates
nor patches currently exist.

> 3. If you're unable to find a patch or extension for John the Ripper,
> consider using other password cracking tools that do support argon2id. For
> example, hashcat is another popular password cracking tool that does
> support argon2id. You can explore its documentation and resources for
> guidance on how to crack argon2id hashes using hashcat.

That's the LLM's "wishful thinking" - likely soon to be true, but to my
knowledge not yet true.  It is a problem that LLMs state guesses as if
they were facts, and a reason to avoid sharing LLM-generated answers
without verification nor a warning.

hashcat's Argon2 support request is being tracked here:

https://github.com/hashcat/hashcat/issues/1966

> Remember that password cracking should only be done for legitimate purposes
> and with proper authorization. Ensure that you have the necessary
> permissions and legal rights before attempting any password cracking
> activities.

Sure.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.