[prev in list] [next in list] [prev in thread] [next in thread]
List: john-users
Subject: [john-users] Crack IOS7 RestrictionsPasswordKey hashes from com.apple.restrictionspassword.plist fil
From: magnum <john.magnum () hushmail ! com>
Date: 2014-01-06 1:33:24
Message-ID: 69034a26ba029fc621b89e372958bbcc () smtp ! hushmail ! com
[Download RAW message or body]
In a recent discussion on Hashcat forums
(http://hashcat.net/forum/thread-2892.html) we discovered the algo
behing IOS 7.02+ hashing of "Restrictons" PIN code. Until now it was in
the clear, now it's pbkdf2-hmac-sha1 with 1000 iterations. From
googling, it seems noone figured this out before.
HashCat does not have any generic pbkdf2-hmac-sha1 format though, so it
can't be used yet. I really thought we had one but we didn't! So I
whipped one up and while I was at it, I wrote an "ios7tojohn.pl" tool to
fetch and convert the hashes from a .plist. I haven't tested it except
with snippets posted on forums.
Since it's just a 4-digit PIN code the keyspace is really really tiny so
it's a guaranteed crack in a split second. The problem is not the choice
of algorithm: There's not much Apple can do about it except using
password instead of PIN.
The code is in latest bleeding tree:
https://github.com/magnumripper/JohnTheRipper/tarball/bleeding-jumbo
magnum
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic