[prev in list] [next in list] [prev in thread] [next in thread] 

List:       john-users
Subject:    [john-users] Crack IOS7 RestrictionsPasswordKey hashes from com.apple.restrictionspassword.plist fil
From:       magnum <john.magnum () hushmail ! com>
Date:       2014-01-06 1:33:24
Message-ID: 69034a26ba029fc621b89e372958bbcc () smtp ! hushmail ! com
[Download RAW message or body]

In a recent discussion on Hashcat forums 
(http://hashcat.net/forum/thread-2892.html) we discovered the algo 
behing IOS 7.02+ hashing of "Restrictons" PIN code. Until now it was in 
the clear, now it's pbkdf2-hmac-sha1 with 1000 iterations. From 
googling, it seems noone figured this out before.

HashCat does not have any generic pbkdf2-hmac-sha1 format though, so it 
can't be used yet. I really thought we had one but we didn't! So I 
whipped one up and while I was at it, I wrote an "ios7tojohn.pl" tool to 
fetch and convert the hashes from a .plist. I haven't tested it except 
with snippets posted on forums.

Since it's just a 4-digit PIN code the keyspace is really really tiny so 
it's a guaranteed crack in a split second. The problem is not the choice 
of algorithm: There's not much Apple can do about it except using 
password instead of PIN.

The code is in latest bleeding tree:
https://github.com/magnumripper/JohnTheRipper/tarball/bleeding-jumbo

magnum

[prev in list] [next in list] [prev in thread] [next in thread]