JohnTheRipper magnum-jumbo now has support for MySQL authentication hashes. These are different from the normal MySQL password hashes you’d find in the information_schema database, and they’re only used as part of the authentication protocol.
If you go into Wireshark and look at some MySQL traffic for versions >=4.1, you’ll see a “Server Greeting” packet which contains a random salt value. Wireshark nicely dissects this for you. Look for the “LoginRequest” packet, and find the password field – this is a hash based on the real password and the salt.
The hash’s construction is as follows:

    SHA1( password ) XOR SHA1( salt <concat> SHA1( SHA1( password ) ) )
The scheme itself isn’t particularly important – what’s important is the fact that it’s relatively efficient to compute, and can therefore be efficiently cracked. JTR can now crack these hashes, but there’s a step missing from the documentation because it assumes that you’re pulling the data from a Cain & Abel sniffer rather than directly from Wireshark. What it doesn’t tell you is that you must manually hash the 20-byte salt value with SHA-1, then use that in your passwords file in the following format:
JTR can then automatically recognise the hash as a MySQL native authentication hash. Cain’s sniffer automatically hashes the salt value (it calls this the challenge), which is why the step is missing from the documentation.
As a quick demo:
Username = root
Salt = D|ecBa?Vuh-B
SHA-1(Salt) = b19b45d3cca9af80ccff343a78a02db6bd39a4c7
Password = a6f6a3a746caa99690eecba786629cfe43e87658

root@vm# ./john --wordlist=password.lst ~/mysql-na.pwd
Loaded 1 password hash (MySQL Network Authentication SHA1 [32/64])
guesses: 0  time: 0:00:00:00 DONE (Thu May 9 14:14:50 2013)  c/s: 52650  trying: bacon
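As an added example (not code from the original post or from JTR), the scheme above worked through in Python: the client-side response from the LoginRequest packet, the server-side check that the stored double SHA-1 makes possible, the per-candidate recompute a cracker performs, and the input line with the pre-hashed salt the post describes. The salt and password are constructed values, and the `$mysqlna$<sha1(salt)>*<response>` line layout is assumed from memory of JTR's mysqlna format, so check it against your build's documentation.

```python
import hashlib

# Constructed sample values, not from a real capture: a 20-byte salt of the
# kind the Server Greeting carries, and the password the pretend client used.
SALT = b"ABCDEFGHIJKLMNOPQRST"
PASSWORD = b"bacon"


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stored_hash(password: bytes) -> bytes:
    """What the server keeps on disk: SHA1(SHA1(password))."""
    return sha1(sha1(password))


def client_token(password: bytes, salt: bytes) -> bytes:
    """Password field of the LoginRequest packet:
    SHA1(password) XOR SHA1(salt || SHA1(SHA1(password)))."""
    return xor(sha1(password), sha1(salt + stored_hash(password)))


def server_accepts(token: bytes, salt: bytes, stored: bytes) -> bool:
    """Server side: knowing the double hash, it strips the mask to recover
    SHA1(password), re-hashes it and compares with what it stored."""
    return sha1(xor(token, sha1(salt + stored))) == stored


def candidate_matches(token: bytes, salt: bytes, candidate: bytes) -> bool:
    """What a cracker does per wordlist entry: four SHA-1 calls and a compare.
    This is the 'relatively efficient to compute' property the post refers to."""
    return client_token(candidate, salt) == token


def jtr_line(user: str, salt: bytes, token: bytes) -> str:
    """Build the JTR input line. The salt goes in already hashed with SHA-1,
    the step the post says the documentation omits. Assumed layout (verify):
    user:$mysqlna$<sha1(salt) hex>*<token hex>"""
    return f"{user}:$mysqlna${sha1(salt).hex()}*{token.hex()}"


if __name__ == "__main__":
    token = client_token(PASSWORD, SALT)
    print(jtr_line("root", SALT, token))
    for word in (b"password", b"letmein", b"bacon"):  # constructed mini wordlist
        print(word.decode(), candidate_matches(token, SALT, word))
```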
Written by: Graham Sutherland of Portcullis.