2 Jun 2005 17:49
Re: using John to crack MD5 password with more than 13 characters
Dear Sir,
I await your response. mon_hl-PkbjNfxxIARBDgjK7y7TUQ@public.gmane.org.
Regards,
Fred
Denis Ducamp <Denis.Ducamp-Hj/Rmgn/efDYtjvyW6yDsg@public.gmane.org> wrote:
Denis Ducamp <Denis.Ducamp-Hj/Rmgn/efDYtjvyW6yDsg@public.gmane.org> wrote:
On Thu, Jun 02, 2005 at 12:03:33PM -0300, Alceu R. de Freitas Jr. wrote:
> Hello everybody,
Hi,
> I have an web application that uses MD5 and base64
> encoding to protect users passwords. I would like to
> run john against these passwords and check for weak
> ones.
[...]
> There is any way to use John the Ripper to help with
> that?
By default john only knows about "Unix'md5" not raw md5. You have to apply
the raw-md5 patch and try with --format=rawMD5.
The format of the password should be the same as the one from openssl :
$ echo -n bunda | openssl md5
55b0c86ed75326a42b7a48c3fbf67baf
Have fun,
Denis.
--
http://www.groar.org/enough/bushit.jpg
RSS Feed