.

Help needed JTR

<<

millwalll

Post Mon Jul 18, 2011 8:41 am

Help needed JTR

I am trying to crack some hashes and keep getting this error

Generic crypt(3) module: hash encoding string length 20, type id $L appears to be unsupported on this system; will not load such hashes. it still run but i guess it not working as the hashes are not loaded.


any advice ?
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Jul 18, 2011 9:51 am

Re: Help needed JTR

What are the first 3 characters of the hash? It should start with a $
<<

millwalll

Post Mon Jul 18, 2011 10:01 am

Re: Help needed JTR

well it has username:$6$sdhfgisfjhidjfi so on
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Jul 18, 2011 10:09 am

Re: Help needed JTR

What version of JTR are you running? That hash is for SHA 512 and I know older versions didn't support that. I'm not sure if there is a diff patch or if the newest version even supports SHA-512. Can you confirm?
<<

millwalll

Post Mon Jul 18, 2011 10:12 am

Re: Help needed JTR

Hi version is 1.7.6 I read that somewhere else too that there was problem with SHA hashes is there any other way to break them that you know ?

or do I need to patch JTR?
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Jul 18, 2011 10:17 am

Re: Help needed JTR

I dont think it supports it but I could be wrong. I would probably just use an online service like http://crackstation.net/ this guy created a perl one http://blog.hacker.dk/2010/04/cracking- ... passwords/
<<

millwalll

Post Mon Jul 18, 2011 10:50 am

Re: Help needed JTR

lol I just found that perl one i am trying it now :P
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Mon Jul 18, 2011 10:52 am

Re: Help needed JTR

According to this...

http://openwall.info/wiki/john/sample-hashes

...SHA-512 is supported in 1.7.6+ (as long as the underlying OS supports it <-- not sure what this means).  Or am I interpreting that wrong?

**UPDATE**
Reading this...

Its made in perl, and it simply uses the operating system’s crypt function. So if you have a system that supports SHA passwords, so will my tool.


...from the hacker.dk link cd1zz posted, I think the section I put in parentheses above means the same thing..?
Last edited by lorddicranius on Mon Jul 18, 2011 10:58 am, edited 1 time in total.
GSEC, eCPPT, Sec+
<<

millwalll

Post Mon Jul 18, 2011 11:19 am

Re: Help needed JTR

Thanks I am trying it now just a pain when you want something to be easy
<<

Data_Raid

User avatar

Full Member
Full Member

Posts: 165

Joined: Fri Nov 09, 2007 5:55 am

Post Mon Jul 18, 2011 2:59 pm

Re: Help needed JTR

I had this problem too a while back. The error message: "Generic crypt (3) module: hash encoding string length x, type id y appears to be unsupported on this system" refers to the crypt function not being present on the system or JTR 1.7.6 and above was compiled without crypt being present on the system. I was unable to crack SHA-512 passwords with JTR 1.7.6 and above until I installed the crypt package on my Backtrack 4 system by typing:
  Code:
apt-get install mcrypt
and then recompiling JTR with the crypt support. Once that was done I was able to successfully crack SHA-512 passwords:

root@bt:/tmp/john-1.7.8/run# cat sha512.txt
$6$zWwwXKNj$gLAOoZCjcr8p/.VgV/FkGC3NX7BsXys3KHYePfuIGMNjY83dVxugPYlxVg/evpcVEJLT/rSwZcDMlVVf/bhf.1

root@bt:/tmp/john-1.7.8/run# ./john sha512.txt
Loaded 1 password hash (generic crypt(3) [?/32])
No password hashes left to crack (see FAQ)
root@bt:/tmp/john-1.7.8/run# ./john --show sha512.txt
?:password

1 password hash cracked, 0 left

I usually apply the Jumbo patch to JTR which provides support for many more hash and cipher types, now includes Winzip password cracking which I want to play around with. The Jumbo patch is available for download here:
http://www.openwall.com/john/g/john-1.7 ... -2.diff.gz
Instructions on how to apply the Jumbo patch are available here: http://openwall.info/wiki/john/how-to-e ... ly-patches

Passwords that are a SHA-512 hash, start with $6$ (86 characters)
Default password hashing method for Ubuntu Linux

SHA-256 hashes start with $5$ (43 Characters)
MD5 hashes start with $1$ (22 characters)
Blowfish hashes start with $2$ or $2a$ (depending on the variant used)
All men by nature desire knowledge.

Aristotle
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Mon Jul 18, 2011 4:25 pm

Re: Help needed JTR

Ah, I see.  Thanks for clarifying that, Data_Raid.  I'm wonder: anybody know why BT5 doesn't come with JTR compiled with crypt support by default?  Is SHA-512 not common enough or something?
GSEC, eCPPT, Sec+

Return to Tools

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software