Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 12 Mar 2011 02:38:51 +0100
From: magnum <rawsmooth@...dband.net>
To: john-dev@...ts.openwall.com
Subject: NT_fmt bug

I'm very near certain I have found a bug in NT_fmt that is not caused by 
my UTF-8 stuff, it's just that we could never trigger it before.

I have tried for days to debug this and I now believe the following is 
true (though it sounds weird to me):

If the SECOND character of a plaintext (buffered after set_key()) is 
U+2000 or higher, it fails.

Could this possibly be caused by a bug in the actual hashing? I have 
looked over the code over and over again, I'm out of clues.

I can crack these (x is *any* character below U+2000 (like the actual x, 
U+0078), € is *any* character >= U+2000 (like the actual €, U+20AC)):
€
€x
€x€x
€x€x€x
€x€x€
€x€x€€
€x€€€€€€€€€€
xx€€€€€€€€€€
xx€xxx
xxx€xx
xxxx€x
xxxxx€

I can not crack these:
€€€x
€€x
x€€€
x€€
x€
€€€
€€
x€xxxx
x€x€x€

All uncracked has a € in second pos and other tests show that anything 
up to U+1FFF works fine, while U+2000 and above does not.

I am certain this has nothing to do with my UTF8 conversion but we never 
get beyond U+00FF with pristine john so this never happened until now.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ