Government Security
Network Security Resources

Jump to content

Photo

John The Ripper And Md5 Hashes

security hash md5 dictionary
  • Please log in to reply
1 reply to this topic

#1 m4rtin

m4rtin

    Private

  • Members
  • 1 posts

Posted 06 February 2011 - 03:17 PM

I tried to create few MD5 hashes using openssl and then crack those hashes using John the Ripper(version 1.7.3.1) and dictionary file. At first I made a crackable file for john:

root@martin-desktop:~# echo test:`printf secret | openssl md5` > md5crypt
root@martin-desktop:~# cat md5crypt
test:5ebe2294ecd0e0f08eab7690d2a6ee69
root@martin-desktop:~#

..then verified, that secret is present in /usr/share/john/password.lst file:

root@martin-desktop:~# grep -w secret /usr/share/john/password.lst 
secret
root@martin-desktop:~# 

..and finally tried to crack this MD5 hash using john. However, this didn't work:

root@martin-desktop:~# john --wordlist=/usr/share/john/password.lst md5crypt
Loaded 2 password hashes with no different salts (LM DES [64/64 BS MMX])
guesses: 0  time: 0:00:00:00 100%  c/s: 44257  trying: SKIDOO - ZHONGGU
root@martin-desktop:~# 

As you can see, john detects this as a "LM DES [64/64 BS MMX]" not "MD5". So I tried with "--format" options:

root@martin-desktop:~# john --wordlist=/usr/share/john/password.lst --format=MD5 md5crypt
No password hashes loaded
root@martin-desktop:~# john --wordlist=/usr/share/john/password.lst --format=raw-MD5 md5crypt
No password hashes loaded
root@martin-desktop:~#

As I understand, john does not detect the MD5 hash inside my md5crypt file. What might cause this? Or am I doing something wrong? :rolleyes:

#2 webdevil

webdevil

    Retired GSO General

  • Sergeant Major
  • 1,195 posts

Posted 06 February 2011 - 05:47 PM

You should be applying the jumbo patch with this.
This patch will help it crack the raw-md5 hash.
http://openwall.com/john/



john.exe test.txt --format=raw-md5
Loaded 1 password hash (Raw MD5 [raw-md5 SSE2 16x4])
secret (test)
guesses: 1 time: 0:00:00:00 100.00% (2) (ETA: Mon Feb 7 07:13:00 2011) c/s: 207250 trying: 12345 - falcon







Also tagged with one or more of these keywords: security, hash, md5, dictionary