Closed kholia closed 9 years ago
Yes, yes and yes :)
Currently, the format has problems cracking hashes from different CIsco IOS / IOU versions. To make this format robust, more reversing work is required.
I am travelling soon and will be back around 28th of October.
The format seems to be more robust with the latest changes. Closing this tracking ticket.
That would be 82148f4a, 0120253, 2506916e5 and 1a497b8 just for the record.
Commit 0120253f allowed algo_type 3 (SHA256) in addition to algo_type 2 (MD5) in run/eigrp2john.py.
But the message for unknown / unsupported algorithms has not been changed: "[-] Ignoring non-MD5 auth type in packet %s!\n"
.
But --format=eigrp still rejects those algo_type 3 hashes.
IMHO, the user should be warned if some of the valid hashes are rejected because algo_type 3 support has not been implemented.
Since you provided no description, I'll ask.
Apparently, eigrp hash algo_type as first field of the salt. Currently, this also_type is not really used, so I assume there's currently just one algo type supported. Do you intend to add support for other algo types? Will the improved valid() reject a hash if the algo type is not supported?
If you add more algo types, and these differ in c/s rate, can you report the algo type as tunable cost?