Cracking Mac OS X salted SHA-1 passwords

It is probably the simplest to use JtR Pro, which includes the XPWDUMP tool to dump the hashes and readily supports Mac OS X salted SHA-1 hashes. You can use the Mac OS X native or the Linux version of JtR Pro (in case you prefer to audit your OS X hashes on a Linux box) - both of them support these hashes (although the XPWDUMP tool is only included with JtR Pro for Mac OS X).

If you don't want to use JtR Pro, then other options are to use an unofficial build of JtR with the jumbo patch or to make your own build. You won't obtain XPWDUMP in this way, though, so you'd need to be dumping the hashes on your own (this article refers to slightly outdated unofficial builds - please use more current ones instead).

If you choose to make your own build of JtR on Mac OS X, you'd need to download and install XCode (roughly a 1 GB download).

Once again, simply going for JtR Pro for Mac OS X avoids all of those complications.

Back to John the Ripper tutorials.

john/tutorials/macosx-salted-sha1.txt · Last modified: 2010/03/15 23:00 by solar
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux