05-19-2015, 10:36 PM
Pages: 1 2
05-21-2015, 03:40 AM
great write up!
question regarding scrypt. how did you guys get JTR to work since it is not natively supported?
also, did you guys happen to notice LM hash had a bunch of plains that appeared to look like encoded PHP? for example:
\U77F3\U67F1\U
\U6CE2\U6FE4\U
\U8B66\U5099\U
\U63D0\U723E\U
\U7600\U9752\U
or perhaps it was a dead end
question regarding scrypt. how did you guys get JTR to work since it is not natively supported?
also, did you guys happen to notice LM hash had a bunch of plains that appeared to look like encoded PHP? for example:
\U77F3\U67F1\U
\U6CE2\U6FE4\U
\U8B66\U5099\U
\U63D0\U723E\U
\U7600\U9752\U
or perhaps it was a dead end
05-21-2015, 06:05 AM
JTR does have scrypt support...
https://github.com/magnumripper/JohnTheR...h?q=scrypt
https://github.com/magnumripper/JohnTheR...h?q=scrypt
05-21-2015, 06:39 AM
thx, epixoip!
05-21-2015, 10:31 AM
(05-21-2015, 03:40 AM)forumhero Wrote: [ -> ]LM hash had a bunch of plains that appeared to look like encoded PHP? for example:
\U77F3\U67F1\U
> Encoded PHP
kek
05-21-2015, 11:39 AM
(05-21-2015, 06:05 AM)epixoip Wrote: [ -> ]JTR does have scrypt support...I got the precompiled binaries from 1.8.0 jumbo1 (win64) and could not get it to work (can't load hashes). Do you have to change the hash format? What --format value do you use in the command line, scrypt?
https://github.com/magnumripper/JohnTheR...h?q=scrypt
Edit: I tried also the bleeding jumbo version 1.8.0.2 and had the same problem.
05-21-2015, 10:45 PM
If you look at the plugin you will see the format it expects:
https://github.com/magnumripper/JohnTheR...t.c#L54-78
You can also look at prepare() in the same file as well.
https://github.com/magnumripper/JohnTheR...t.c#L54-78
You can also look at prepare() in the same file as well.
05-22-2015, 04:44 AM
(05-21-2015, 10:45 PM)epixoip Wrote: [ -> ]If you look at the plugin you will see the format it expects:Thanks for the help. I don't get it. I am in the bleeding jumbo version, I put one the hash that they provide in the link you gave me:
https://github.com/magnumripper/JohnTheR...t.c#L54-78
You can also look at prepare() in the same file as well.
Code:
$ScryptKDF.pm$16384*8*1*VHRuaXZOZ05INWJs*JjrOzA8pdPhLvLh8sY64fLLaAjFUwYCXMmS16NXcn0A=Code:
john.exe --format=scrypt --wordlist=dic4.txt hash.txt05-22-2015, 05:12 AM
I had a similar issue. If you downloaded the Window pre-compiled binary then you are unlikely to be using the latest bleeding jumbo. Try this command below and check the results:
If the result from the last line looks similar to the output below then it is not the latest bleeding jumbo.
Code:
john --list=format-tests --format=scryptIf the result from the last line looks similar to the output below then it is not the latest bleeding jumbo.
Code:
scrypt 10 SCRYPT:16384:8:1:VHRuaXZOZ05INWJs:JjrOzA8pdPhLvLh8sY64fLLaAjFUwY
CXMmS16NXcn0BhlHpZJ3J2jcozCDM7t+sfjkgQ894R+f+ldVWM5atlkA== password05-22-2015, 07:47 AM
Congrats Team Hashcat, you really showed us all how it's meant to be done.
Our team write-up is also up
We had lots of fun!
http://cynosureprime.blogspot.com/
Our team write-up is also up
We had lots of fun!
http://cynosureprime.blogspot.com/
Pages: 1 2