solardiz
commented
1 month ago @marksilinio Is this something you intend to work on? Is only a 2john tool needed (perhaps mactelnet2john) and it'd work with an existing salted MD5 format in john?
Password
--------
This is sent in response to a servers encryption key control packet.
It contains a null byte followed by an MD5 digest of a null character
concatenated with the users password and the encryption key.Sounds like a new dynamic format will need to be specified because of the null character component.
Mikrotik uses salted MD5 for authentication, an explanation of the protocol can be found here: https://omniflux.com/devel/mikrotik/Mikrotik_MAC_Telnet_Procotol.txt
see also https://wiki.wireshark.org/Protocols/mactelnet and https://github.com/haakonnessjoen/MAC-Telnet/