Sample non-hashes (to be) supported by JtR

1Password "Agile Keychain"

Supported in JtR 1.7.9-jumbo-8 and above.

Sample 1Password “Agile Keychain” files

Lotus Notes ID files

STRIP password manager

Supported in JtR 1.7.9-jumbo-8 and above.

  • strip.db.gz STRIP database. Password is “openwall”.

STRIP 2.1 password manager

7-Zip

Apple Disk Image files

New disk images created with a recent version of OSX, including .sparseimage and .sparsebundle which are also used by Apple Time Machine and FireVault (up to Lion)

EFS - Encrypting File System files (Microsoft)

  • usb-efs-jtr.7z File is a 7zip compressed DD image, it's 206Mb in total size only 175Mb used space.

EIGRP MD5 auth packets

Sample EIGRP MD5 authentication packet captures

Gadu-Gadu auth packets

GNOME Keyring

Supported in JtR 1.7.9-jumbo-8 and above.

Sample GNOME Keyring file(s)

GPG

Supported in JtR 1.7.9-jumbo-8 and above.

Sample GnuPGP file(s)

HSRP MD5 auth packets

Sample HSRP MD5 authentication packet captures

IKE PSK

Supported in JtR 1.7.9-jumbo-8 and above.

Sample IKE PSK file(s)

iSCSI CHAP

Supported in JtR 1.7.9-jumbo-8 and above. Use Ettercap to get JtR compatible hashes from .pcap files.

Sample iSCSI CHAP pcap file(s)

KeePass

Supported in JtR 1.7.9-jumbo-6 and above.

Sample KeePass files

Kerberos v5 Pre-Authentication

KeyStore

Supported in bleeding-jumbo (will be JtR 1.8.0-jumbo1) and above.

KWallet

Supported in bleeding-jumbo (will be JtR 1.8.0-jumbo1) and above.

LastPass

Sample LastPass files

LUKS

Supported by JtR-jumbo (bleeding-jumbo branch).

Sample LUKS files

MongoDB network authentication

Supported in JtR 1.7.9-jumbo-8 and above.

Mozilla Firefox, Thunderbird and SeaMonkey Master Password

Supported in JtR 1.7.9-jumbo-6 and above.

Sample profiles (contributed by Rich and Dhiru)

See doc/README.mozilla or latest README.mozilla for information about cracking Mozilla Master passwords.

Mac OS X Keychain files

Supported in JtR 1.7.9-jumbo-6 and above.

Sample keychain files (contributed by Erik)

Office

Sample files (created using LibreOffice and MS Office)

Sample files (contributed by Rich)

NOTE: Office 2003, 2007, 2010 files are supported by JtR 1.7.9-jumbo-7 and above. NOTE: Office 2013 will be supported by JtR 1.7.9-jumbo-8 and above.

The README files inside have further information and details about these files

Oracle O5LOGON

Supported in JtR 1.7.9-jumbo-8 and above. Use Ettercap to get JtR compatible hashes from .pcap files.

Sample Oracle O5LOGON pcap file(s)

Password Safe

Supported in JtR 1.7.9-jumbo-6 and above.

Sample Password Safe files

PDF

Supported in JtR 1.7.7-jumbo-6 and above.

Sample PDF files (mostly generated using Adobe Acrobat X Pro):

PuTTY's private key files

Supported in JtR 1.7.9-jumbo-8 and above.

Sample PuTTY's private key files

PPTP MS-CHAPv2

Supported in JtR 1.7.9-jumbo-8 and above. Use Ettercap to get JtR compatible hashes from .pcap files.

Sample PPTP MS-CHAPv2 pcap file(s)

PKCS #12 files

Supported in JtR 1.7.9-jumbo-8 and above.

Sample PKCS #12 files

RAR 5.0

Supported in bleeding jumbo.

Sample RAR 5.0 files (created using Linux RAR CLI )

'p' mode =⇒ rar a -ma5 rar5-p0-password.rar -p secret.txt

'hp' mode =⇒ rar a -ma5 rar5-hp0-password.rar -hp secret.txt

RAR

Supported in JtR 1.7.7-jumbo-6 and above.

Generating test RAR files

Download link for RAR utility: http://www.rarlab.com/download.htm

echo "test" > test.txt
rar a testhp0.rar -hp password test.txt
rar a testp0.rar -p password test.txt
rar a testplain.rar test.txt

Sample RAR files (created using WinRAR)

hp0.rar file is created using rar -hp
p0.rar file is created using rar -p

SSH

Supported in JtR 1.7.7-jumbo-6 and above.

Sample SSH private keys (created using ssh-keygen and OpenSSL):

dsa_test_enc.key is a PKCS#8 format key created using OpenSSL. The rest of the key files are generated using ssh-keygen.

SSH (new format keys, January 2014)

Not supported yet ;(

Sample new format SSH private keys (created using ssh-keygen):

TrueCrypt Volumes

Supported in JtR 1.7.9-jumbo-8 and above.

Sample TrueCrypt file(s)

VNC

Supported in JtR 1.7.9-jumbo-6 and above.

Sample VNC pcap files (contributed by Rich and Dhiru)

WPA-PSK

There are also good samples in the test directory of aircrack-ng.

Note that the “bad auths” can be cracked even though they were not correct for that AP. So we crack what the client thought was the password.

ZIP

AES-encrypted WinZip archives are supported in JtR 1.7.8-jumbo-2 and above. Note: as currently implemented, false positives may occur (in other words, non-working passwords may be found), typically if the actual passwords are complicated.

Sample ZIP files (created using WinZip and WinRAR):

john/sample-non-hashes.txt · Last modified: 2014/09/09 08:11 by dhiru
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux Bookmark and Share