jstucke
commented
2 years ago "hash type is not supported" is more like a general error message when cracking the password failed. It sure looks like a normal MD5 entry. I can't tell what exactly went wrong, though. You could try it manually by copying the hash into a text file and running john (at least this could tell us what went wrong):
src/plugins/analysis/users_and_passwords/bin/john hash.txt
If my understanding is correct, then the format for the
/etc/passwdentry is:$id$salt$encryptedwhereidis the encryption method, right?So how come it was able to accept the hash type for the second entry and decrypt it, but not the first one?