How to use Wordlist to crack a password which have ” “(space) in it?

I am new to this forum and this is the first time I try “John the Ripper”.

Currently I forget a password but I remember that there is a space inside it like [John-+the Ripper@putty];[] is not a part of the password.

I would like to know how to make a Wordlist to crack a password like this. I have read an article from openwall.com https://www.openwall.com/lists/john-users/2008/10/17/2

However, the article does not include the combination like this form [John-+the Ripper@putty]

I have also made a new ppk with a simple password [ +Ee] with a wordlist

+ E e

to test the method but no luck, seems I have misunderstanding on the Wordlist method.

Sorry for my English.

How long to crack 24 character mysql password?

I recently set up my WordPress blog and I changed the password of its mysql database to a 24 character randomly generated password. I have a few questions about the database:

  1. Is my database name visible?
  2. Does a hacker need both the database name and the password to crack it?
  3. How long would it take to crack a 24 char mysql password using 10 Nvidia 1080ti video cards?

I searched Security.SE but couldn’t find any specific questions about wordpress sql security. This wordpress.org page explains how databases are created but nothing specific about its visibility.

John the Ripper doesn’t crack passwords when I use wordlists

Title says it all, I can’t tell if John is just crashing or “gives up” on cracking the hash. First I start off by creating an md5 hash out of a word I KNOW is on the rockyou.txt wordlist:

echo -n 'password' | md5sum > testhash 

After removing the hyphen at the end of the test hash file:

5f4dcc3b5aa765d61d8327deb882cf99 

Now I attempt to crack the md5 hash using the following John the Ripper command:

john --format=raw-md5 --wordlist= /usr/share/wordlists/rockyou.txt testhash 

I get the output:

Loaded 1 password hash (Raw-MD5 [MD5 256/256 AVX2 8*3]) No password hashes left to crack (see FAQ) 

Then I run:

john --show testhash 

Which outputs:

0 password hashes cracked, 2 left 

Sorry if I’m doing something terribly wrong, but I’m at a loss here. I’m assuming it’s something wrong with how my installation of John on Kali Linux is handling the wordlist. Thank you in advance!

Can you help me crack this hash?

i need help with this: for an exercise i need to crack this hash $ apr1$ cy5UgTjB$ 1D.TuLHrP.Q5ZN7evMbRS1 I found with hash-identifier that it’s a MD5(APR) hash, -m 1600 in hashcat. So i runned:

hashcat -a 0 -m 1600 $  apr1$  cy5UgTjB$  1D.TuLHrP.Q5ZN7evMbRS1 /usr/share/wordlists/rockyou.txt --force 

But i get this error

Hash 'D.TuLHrP.Q5ZN7evMbRS1:asltey': Separator unmatched No hashes loaded. 

Do you know why? Thank you.

Crack LCG given 2 output values only

I want to try to break an LCG generator just as programming practice task. I found similar issue at Cracking a linear congruential generator.

Assume that m is given. The answer to the link above assumes that there are 3 consecutive output values given. Then it is just solving the resulting 2 linear equations. But what if there are only 2 values given? For some values, there probably will be several candidate LCG. How to list all of them and do so efficiently?

Crack php hashed password

Is there right way to crack php hashed password ?

I used to hash a password php password_hash() method. Php version 7.3

Then i create a word list using python script. It’ s size around 1GB.

Then i crete a php script to read that word list and verify the password. To do that i used password_verify() method in php.

Finaly i execute the php script using terminal.

Its worked fine. But getting too much time to crack the password.

As a student i like to write my own scripts and tools. So any one has a idea to get much performance and efficiant way to do this kind of work.

I also searched about clustering and , gpu using for password cracking.

But i didn’t get any chance to learn breefly above concepts.

How to crack MD4 hashes when username is known

I have come across a hash and hash-identifier identifies it to be of type I came across this answer which is a very good reference point, however, I wanted to know three things:

  1. Online tools to crack this hash given the password. I did come across hashcat and john the ripper. I tried the latter without giving the username(no results). Hashcat did not have the appropriate documentation for the same.
  2. wordlist to be used to brute-force the password
  3. Is scripting the only way to crack the password? Which library should be used? python3 does not have an md4 function.