On Fri, Jul 15, 2011 at 7:27 PM, Lisa Kachold wrote: > Mark, > > On Thu, Jul 14, 2011 at 6:56 PM, Mark Phillips > wrote: > >> Lisa, >> >> John the Ripper has been running for almost 2 days trying to crack the >> password....still no success. >> > > I think it's hung. > Nope. the log file keeps spitting out what it is testing. I stopped it today and moved the process to another machine. You can see the results as reported in the log file at http://pastebin.com/pBZHfAS2 when I stopped the program . The other machine is slower (about 1.85 times slower, so it will take until Monday for it to catch up....the original machine was a x64, and the new machine is an i386, so I couldn't resume on the new machine). I will let you know if it finds the password after a week or two....;-) > What options did you pass it? > None. Except that I used another program that came with john to join the passwd and shadow files into one file. John needed that. I can send you the passwd file if you are interested. > > Did you feed it a dictionary file? > Just the one that came with john... > > It probably has a different encryption format than the linux john is on. > > What ports are open on the thing? SSH? You can try ettercap with arp > spoof MITM? > SSH seems to be open since it asks for a password. rsync and telnet are all that I know. There is a java "hack" program acp_commander.jar that will connect with telnet, but I do not get any response from the device, although it says it is connected. acp-commander.jar use to be the way in, but since firmware version 1.41, it has not worked. http://downloads.buffalo.nas-central.org/TOOLS/ALL_LS_KB_ARM9/ACP_COMMANDER/, http://buffalo.nas-central.org/index.php/Open_Stock_Firmware and my particular box. I have downloaded the firmware for the box and modified it to accept ssh login without a password (using ssh keys). I just have not been able to reflash the unit. The web interface only flashes what it downloads from buffalo.com. The windows program the box came with does not have a way to flash the unit. Embedded in the firmware download is a windows exe which is supposed to be a program to flash the unit....just haven't had the intestinal fortitude to try it out...I need to find the "way back" in case I brick the device, and I haven't had time to research that. Thanks for your interest! P.S. You have no idea how hard it is to not type "dear john" every time I refer to the program "john the ripper".....;-) anyway, back to TGIF time....;-) Mark > :) >> >> Mark >> On Jul 14, 2011 4:28 PM, "Lisa Kachold" wrote: >> > If you don't have the ability to boot something like a DVD/CD or USB >> key, >> > try john the ripper? >> > >> > Save the encrypted string to a test file and run it through john the >> ripper >> > running on your system: >> > >> > Ubuntu: >> > >> > # apt-get install john >> > >> > Centos/RH/Fedora: >> > >> > # yum install john >> > >> > Example use: >> > >> > # john -single crackme.txt >> > >> > References: >> > >> > http://www.openwall.com/john/doc/ >> > >> > >> http://www.google.com/url?sa=t&source=video&cd=1&ved=0CDIQtwIwAA&url=http%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D3YyscD_tADk&rct=j&q=john%20the%20ripper&tbm=vid&ei=t3ofTsXRNqTv0gHB2bmYAw&usg=AFQjCNE8vdlkxhwQ15zCuBePI9Y9qk3mAQ&cad=rja >> > >> > http://www.osix.net/modules/article/?id=455 >> > >> > >> > On Thu, Jul 14, 2011 at 11:19 AM, Sam Kreimeyer >> wrote: >> > >> >> Hello Mark, >> >> >> >> Have you tried using Kon-Boot? It's a bootable image that edits the >> kernel >> >> to bypass the password prompt. >> >> >> >> >> > -- >> > (602) 791-8002 Android >> > (623) 239-3392 Skype >> > (623) 688-3392 Google Voice >> > ** >> > HomeSmartInternational.com >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > > > -- > (602) 791-8002 Android > (623) 239-3392 Skype > (623) 688-3392 Google Voice > ** > HomeSmartInternational.com > > > > > > > > > > > > > > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >