decrypting htpasswd
Stephen Carville
stephen at totalflood.com
Mon Jan 24 20:00:37 UTC 2005
On Mon January 24 2005 11:45 am, Steve Phillips wrote:
> To answer the original question - generally John the ripper requires the
> password files to be in a specific format (when I last used it it was unix
> password file format) which means that you may need to move the hash into
> a pseudo password type file and tell john the ripper to try cracking it.
> The information you require is all in the John the Ripper documentation,
> it would probably be prudent to read it.
John can handle the htpasswd file as is if the password is stored using the
system crypt() function. IF the password is stored in the Apache md5 format
there is a patch that enables john to attack it.
--
Stephen Carville
Unix and Network Adminstrator
Nationwide-Totalflood
6033 W.Century Blvd.
Los Angeles, CA 90045
310-342-3602
More information about the redhat-list
mailing list