John the ripper passwd file format with salt not working

Asked Sep 20 '13 at 15:40

Active Sep 20 '13 at 15:40

Viewed 5,651 times

I'm trying test password strength in one of ours ecommerce sites. Im using john the ripper to brute-force a password file. The algorihtm used by php is:

$hash = md5($salt . $pass)

No other transformation is performed nor in the $salt or in the pass, I've manually checked one example. I've found in the documentation that the subformat that goes with the algorithm is dynamic_4. The problem is that passwd file format as written in documentation, doesn't seems to work, John is unable to load the hashes, this is the format that ive used:

// user:$dynamic_4$hash$salt
 emi:$dynamic_4$83a3f08cfb2d9d0bac5d1a1619d8b7dd$Z3MkG2FZsaoV9EDCpmSRWvgANQAeXOeN7oadrAugu0rKEvfKqoNj6D9a

Ive tried to change the salt for the hash but still nothing

Ive tryed the following parameters combination

john --single passwd
john --format=dynamic_4 --single passwd
john --subformat=dynamic_4 --single passwd
john --format=md5 --single passwd
john --format=raw-md5 --single passwd

Thanks for the replies

asked Sep 20 '13 at 15:40

user2253620

A question possibly better suited on [security.se]. – Bernhard Barker Sep 20 '13 at 15:51
Thx for the reply, Ive posted it already. – user2253620 Sep 20 '13 at 16:23
2

the question has been answered http://security.stackexchange.com/questions/42720/john-the-ripper-passwd-file-format-with-salt-not-working – user2253620 Sep 20 '13 at 20:26
You should delete this question then. For future reference, the same question shouldn't be asked on multiple sites - you should rather have flagged it for migration or deleted it when you asked it there. – Bernhard Barker Sep 23 '13 at 07:50

John the ripper passwd file format with salt not working

0 Answers0