On Sun, Feb 22, 2015 at 5:01 PM, Alex Regan mysqlstudent@gmail.com wrote:
> Do you happen to know if there's a pre-built version of John-the-Ripper or another password testing program that's available and works with these new passwords?
I don't know that this is all that new. It's also self-describing: the /etc/shadow entry contains the 8 or 16 character salt, so whatever's doing the password+salt+SHA512rounds work knows from /etc/shadow what to do. And if rounds= is used in /etc/pam.d/passwd, the next time you use passwd, it writes out $rounds=x$ in the 2nd field in /etc/shadow, so that too is self-describing. I'd expect that jtr can directly parse these variants in /etc/passwd, but I haven't tested it.
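
The field layout described in the message above, as an added example that is not part of the original post: a small Python parser that reads the 2nd field of /etc/shadow lines and reports the scheme, salt and effective rounds, which is what an audit of password-hash cost settings needs. The function names are hypothetical, the sample lines and digests are constructed placeholders, and the 5000-round default and 1000..999999999 range are those of the SHA-crypt scheme.

```python
import re

# id -> (scheme name, length of the encoded digest) for the SHA-crypt family
SCHEMES = {"5": ("sha256crypt", 43), "6": ("sha512crypt", 86)}
DEFAULT_ROUNDS = 5000                      # applied when no rounds= is stored
MIN_ROUNDS, MAX_ROUNDS = 1000, 999_999_999  # crypt(3) clamps to this range

FIELD_RE = re.compile(
    r"^\$(?P<id>[56])\$(?:rounds=(?P<rounds>\d+)\$)?"
    r"(?P<salt>[^$:]{0,16})\$(?P<digest>[./0-9A-Za-z]+)$"
)

def parse_shadow_field(field):
    """Return the SHA-crypt parameters of one password field, or None."""
    m = FIELD_RE.match(field)
    if m is None:
        return None
    name, digest_len = SCHEMES[m["id"]]
    if len(m["digest"]) != digest_len:
        return None  # truncated or corrupted entry
    explicit = m["rounds"] is not None
    rounds = int(m["rounds"]) if explicit else DEFAULT_ROUNDS
    rounds = max(MIN_ROUNDS, min(rounds, MAX_ROUNDS))
    return {"scheme": name, "salt": m["salt"],
            "rounds": rounds, "explicit_rounds": explicit}

def audit_shadow(text):
    """Map each user to parsed parameters (None = locked or other scheme)."""
    report = {}
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) < 2 or not parts[0]:
            continue
        report[parts[0]] = parse_shadow_field(parts[1])
    return report

# Constructed sample: placeholder digests, not real password hashes.
FAKE512 = "A" * 86
SAMPLE = "\n".join([
    f"alice:$6$Zx3kQ9pLmN2vB7cR${FAKE512}:16488:0:99999:7:::",
    f"bob:$6$rounds=100000$saltsalt${FAKE512}:16488:0:99999:7:::",
    "daemon:*:16488:0:99999:7:::",
])

if __name__ == "__main__":
    for user, info in audit_shadow(SAMPLE).items():
        print(user, info)
```

Entries without an explicit rounds= (alice here) are the ones still using the default cost.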