Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 9 Nov 2011 11:08:58 -0600
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: post 1.7.8-jumbo-7 changes summary

Not sure that this needs to be notified about, but I will explain what it
is.

'unified' output was meant to say that no matter how a md5($p) is run
through john, that it will now be placed into the pot file in one way.  John
can handle these as 'input' (also when reading the .pot file) for md5($p)
formats.

md5_gen(0)hex_hash
hex_hash
$dynamic_0$hex_hash

So, any input file read, which johh is in -form=dynamic_0, or into
-form-raw-md5 can read any of the above lines, and work with them, on an
input file, or from the .pot file.

When john writes a .pot line, it will write in the format:
$dynamic_0$hex_hash:password    This format uniquely, and properly
identifies the hash.  hex_hash:password, does not.


Now, this does mean that any raw-md4 (or several others), which drop
hex_hash:password into the .pot file will be used at pot load to trim an
input file. However, I am not sure of any known collisions between md5($p)
and md4($p), and would imagine that these would be specially crafted to
collide.


>From: Solar Designer [mailto:solar@...nwall.com]
>
>Jim, magnum -
>
>On Mon, Nov 07, 2011 at 10:27:05AM -0600, jfoug wrote:
>> Unification of output format, and ability to read any form valid input
>
>I don't understand what this means and I don't know how to describe it
>such that users of JtR will understand.  I think that the above is
>confusing to almost everyone, so unless you clarify I am going to omit
>it from the changes summary.
>
>Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.