Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 10 Nov 2011 13:54:27 -0600
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: jumbo rebased on current CVS (was: post 1.7.8-jumbo-7 changes summary)

>From: Solar Designer [mailto:solar@...nwall.com]
>
>Did you run that one through the test suite?  The new DES key setup has
>separate little pieces of code per key bit, and I'm afraid I never
>actually tested it on LM hash passwords with 8th bit set in any
>character.  Does the test suite have such samples (I guess so)?

The test suite has 8 bit passwords.  It has them in several 'flavors'. It
has 'simple' raw 8 bit passwords.  These were created from the original
password file  (pw.dic).  I simply set high bit on about 2-3% of the
characters.    

This is run 'normally'.  Also, if a format handles encoding, it is run with
-enc:utf8.  When this 'garbage' is run as utf8 mode, it will only find
'some' of the candidates (a large percentage). However, it is the exact same
number for each hash (except Cash2, which uses fewer passwords).

However, the test suite DOES test for these type PW's.  It is how the bug in
BF was found.

Jim.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.