Sample non-hashes (to be) supported by JtR

NOTE: We now have a repo https://github.com/openwall/john-samples with all data from here.

JtR-jumbo supports way many more hashes (or non-hashes) than that are listed on this page.

1Password "Agile Keychain"

Supported in JtR 1.7.9-jumbo-8 and above.

Sample 1Password “Agile Keychain” files

7-Zip

Sample 7-Zip files

Apple Disk Image files (DMG)

New disk images created with a recent version of OSX, including .sparseimage and .sparsebundle which are also used by Apple Time Machine and FileVault (up to Lion)

Bitcoin Core and Bitcoin-based altcoin wallet files

Sample Bitcoin Core wallet files

Sample Bitcoin-based altcoin wallet files

  • xdn_wallet.zip (DigitalNote [XDN] wallet using new Berkeley DB with btree version 10)

BitLocker images

DHCP authentication packets

Sample DHCP authentication packet captures

eCryptfs

Version 1:

Version 2:

EFS - Encrypting File System files (Microsoft)

  • usb-efs-jtr.7z File is a 7zip compressed DD image, it's 206Mb in total size only 175Mb used space.

EIGRP MD5 auth packets

Sample EIGRP MD5 authentication packet captures

FreeBSD GELI disk encryption

Sample GELI encrypted disk images

Gadu-Gadu auth packets

GNOME Keyring

Supported in JtR 1.7.9-jumbo-8 and above.

Sample GNOME Keyring file(s)

GPG

Supported in JtR 1.7.9-jumbo-8 and above.

Sample GnuPGP file(s)

HSRP MD5 auth packets

Sample HSRP MD5 authentication packet captures

IKE PSK

Supported in JtR 1.7.9-jumbo-8 and above.

Sample IKE PSK file(s)

iSCSI CHAP

Supported in JtR 1.7.9-jumbo-8 and above. Use Ettercap to get JtR compatible hashes from .pcap files.

Sample iSCSI CHAP pcap file(s)

iTunes Backup

Sample iTunes Backup manifest files.

Jetico BestCrypt

Sample Jetico BestCrypt Containers

KeePass

Supported in JtR 1.7.9-jumbo-6 and above.

Sample KeePass files

Kerberos v5 Pre-Authentication

Keynote

KeyStore

Supported in bleeding-jumbo (will be JtR 1.8.0-jumbo1) and above.

KWallet

Supported in bleeding-jumbo (will be JtR 1.8.0-jumbo1) and above.

LastPass

Sample LastPass files

Lotus Notes ID files

LUKS

Supported by JtR-jumbo (bleeding-jumbo branch).

Sample LUKS files

MongoDB network authentication

Supported in JtR 1.7.9-jumbo-8 and above.

Mozilla Firefox, Thunderbird and SeaMonkey Master Password

Supported in JtR 1.7.9-jumbo-6 and above.

Sample profiles (contributed by Rich and Dhiru)

See doc/README.mozilla or latest README.mozilla for information about cracking Mozilla Master passwords.

Mac OS X Keychain files

Supported in JtR 1.7.9-jumbo-6 and above.

Sample keychain files (contributed by Erik)

OpenBSD disk encryption

Sample encrypted disk images.

Office

Sample files (created using M$ Office 2016)

Sample files (created using LibreOffice and MS Office)

Sample files (contributed by Rich)

NOTE: Office 2003, 2007, 2010 files are supported by JtR 1.7.9-jumbo-7 and above. NOTE: Office 2013 will be supported by JtR 1.7.9-jumbo-8 and above.

The README files inside have further information and details about these files

Oracle O5LOGON

Supported in JtR 1.7.9-jumbo-8 and above. Use Ettercap to get JtR compatible hashes from .pcap files.

Sample Oracle O5LOGON pcap file(s)

Padlock Password Manager

Sample Padlock encrypted databases

Password Safe

Supported in JtR 1.7.9-jumbo-6 and above.

Sample Password Safe files

PDF

PEM

PuTTY's private key files

Supported in JtR 1.7.9-jumbo-8 and above.

Sample PuTTY's private key files

PPTP MS-CHAPv2

Supported in JtR 1.7.9-jumbo-8 and above. Use Ettercap to get JtR compatible hashes from .pcap files.

Sample PPTP MS-CHAPv2 pcap file(s)

PKCS #12 files

Supported in JtR 1.7.9-jumbo-8 and above.

Sample PKCS #12 files

RAR 5.0

Supported in bleeding jumbo.

Sample RAR 5.0 files (created using Linux RAR CLI )

'p' mode =⇒ rar a -ma5 rar5-p0-password.rar -p secret.txt

'hp' mode =⇒ rar a -ma5 rar5-hp0-password.rar -hp secret.txt

RAR

Supported in JtR 1.7.7-jumbo-6 and above.

Generating test RAR files

Download link for RAR utility: http://www.rarlab.com/download.htm

echo "test" > test.txt
rar a testhp0.rar -hp password test.txt
rar a testp0.rar -p password test.txt
rar a testplain.rar test.txt

Sample RAR files (created using WinRAR)

hp0.rar file is created using rar -hp
p0.rar file is created using rar -p

SSH

Supported in JtR 1.7.7-jumbo-6 and above.

Sample SSH private keys (created using ssh-keygen and OpenSSL):

dsa_test_enc.key is a PKCS#8 format key created using OpenSSL. The rest of the key files are generated using ssh-keygen.

SSH (new format keys, January 2014)

Supported by https://github.com/magnumripper/JohnTheRipper/.

Sample new format SSH private keys (created using ssh-keygen):

STRIP password manager

Supported in JtR 1.7.9-jumbo-8 and above.

  • strip.db.gz STRIP database. Password is “openwall”.

STRIP 2.1 password manager

TrueCrypt Volumes

Supported in JtR 1.7.9-jumbo-8 and above.

Sample TrueCrypt file(s)

VNC

Supported in JtR 1.7.9-jumbo-6 and above.

Sample VNC pcap files (contributed by Rich and Dhiru)

VRRP MD5 auth packets

Sample VRRP MD5 authentication packet captures

More samples can be found at https://github.com/kholia/my-pcaps.

WPA-PSK

There are also good samples in the test directory of aircrack-ng.

Note that the “bad auths” can be cracked even though they were not correct for that AP. So we crack what the client thought was the password.

ZIP

AES-encrypted WinZip archives are supported in JtR 1.7.8-jumbo-2 and above. Note: as currently implemented, false positives may occur (in other words, non-working passwords may be found), typically if the actual passwords are complicated.

Sample ZIP files (created using WinZip and WinRAR):

john/sample-non-hashes.txt · Last modified: 2020/09/10 14:58 by magnum
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux