Results 1 to 3 of 3

Thread: weired issue with John brute force

  1. #1
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    2

    Default weired issue with John brute force

    Hi all,

    I am having a weired issue with John the ripper or maybe the issue is the dumped hash itself.

    The hash I get with fgdump looks like that :
    phocean:04A23****************63B71A0:domain.com

    I thought it was weired because usually the hash is supposed to look like that :
    phocean:500:B267************B51404EE:36AA********* ****2A31C3FC:::

    Anyway, I tried to brute force it the hard way (standard rules) :
    $ ./john hash.txt

    John just ends without finding the password.
    It is weired because it is supposed to find it. The hash seems valid, John doesn't complain.

    To make sure, and because I know the password, I tried with a dictionary attack with a file containing my password and... it worked !

    So :
    - the hash seems valid and a dictionnary attack succeeds
    - John fails on brute forcing this particular hash (it worked with some different hashes)

    I just can't understand what is going wrong. Has anyone ever had such an issue ? Or seen this kind of hash ?

  2. #2
    Junior Member Liuser's Avatar
    Join Date
    Apr 2010
    Posts
    58

    Default Re: weired issue with John brute force

    phocean - it is a cache password. Use JTR flag: --format=mscash

  3. #3
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    2

    Default Re: weired issue with John brute force

    Thank you for your answer, I will try that.
    I see those hashes are salted and it explains well why it failed.
    However is there any logical explanation that the dictionary attack works straight forward ?

Similar Threads

  1. Brute force a .cap
    By grahamb314 in forum OLD Newbie Area
    Replies: 2
    Last Post: 01-02-2010, 02:49 PM
  2. BT4 Brute Force...
    By xPhantom in forum OLD Newbie Area
    Replies: 11
    Last Post: 12-16-2009, 07:52 PM
  3. SSH Brute Force
    By hhmatt in forum OLD BackTrack 4 Software Related Issues
    Replies: 3
    Last Post: 12-15-2009, 11:35 PM
  4. Brute Force A Router??
    By kdiggity317 in forum OLD Newbie Area
    Replies: 24
    Last Post: 10-12-2008, 10:00 PM
  5. brute force words per sec
    By intertan in forum OLD Newbie Area
    Replies: 1
    Last Post: 12-28-2007, 10:03 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •