Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 09 Mar 2011 19:50:43 +0100
From: magnum <>
Subject: Re: --utf8 option, proof of concept

On 03/09/2011 04:16 PM, jfoug wrote:
> Also, I increased the plaintext_length if in utf8
> mode.  40 may not be large enough. We want up to 27 unicode chars.  The call

This is excellent!

> Unfortunately, I do
> not know what the plaintext length of the utf8 data 'should' be.  I do not
> know if there is a way to know in advance the length.  However, I think 3
> utf8 chars into 1 unicode is average.  It can be 1 to 1, upto 5 to 1.  NOTE,
> if run in --utf8 mode against a .....

It can't be more than 4 to 1 for legal UTF-8. So worst case would be 4 * 
27 = 108 bytes of UTF-8 for 27 characters of UTF-16. Is there any reason 
not to go that high?

Would we benefit from knowing the length in advance?

> Ignore the above.  I AM having problems.  I  will produce some changes.

I'll experiment a little too.

I have another problem, I think I've got mscash and mscash2 working 
correctly now (with unicode salt) but I don't know how to produce test 
hashes for the latter.

static struct fmt_tests tests[] = {
   {"M$test1#607bbe89611e37446e736f7856515bf8", "test1" },
   //{"M$\xFC#FIXME FIXME FIXME", "\xFC" }, // u-umlaut in 8859-1
   //{"M$\xFC\xFC#FIXME FIXME FIXME", "\xFC\xFC" }, // Two of them
   {"M$test2#c6758e5be7fc943d00b97972a8a97620", "test2" },
   {"M$test3#360e51304a2d383ea33467ab0b639cc4", "test3" },
   {"M$test4#6f79ee93518306f071c47185998566ae", "test4" },
   if (options.flags & FLG_UTF8) {
     fmt_mscash2.methods.set_key = set_key_utf8;
     fmt_mscash2.methods.salt = get_salt_utf8;
     //tests[1].ciphertext = "M$\xC3\xBC#FIXME FIXME FIXME";
     //tests[1].plaintext = "\xC3\xBC";         // u-umlaut in UTF-8
     //tests[2].ciphertext = "M$\xC3\xBC\xC3\xBC#FIXME FIXME FIXME";
     //tests[2].plaintext = "\xC3\xBC\xC3\xBC"; // two of them

Also, I will need to support converting username (to be used as salt) in 
mschapv2. I'm not sure about the NETLMv2/NETNTLM/NETNTLMv2, I think they 
are all fine as is (they use E_md4hash which is now utf8-aware) and from 
what I can tell the salts are in hex so we don't have to convert.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ