Date: Thu, 10 Nov 2011 13:54:27 -0600 From: "jfoug" <jfoug@....net> To: <john-dev@...ts.openwall.com> Subject: RE: jumbo rebased on current CVS (was: post 1.7.8-jumbo-7 changes summary) >From: Solar Designer [mailto:solar@...nwall.com] > >Did you run that one through the test suite? The new DES key setup has >separate little pieces of code per key bit, and I'm afraid I never >actually tested it on LM hash passwords with 8th bit set in any >character. Does the test suite have such samples (I guess so)? The test suite has 8 bit passwords. It has them in several 'flavors'. It has 'simple' raw 8 bit passwords. These were created from the original password file (pw.dic). I simply set high bit on about 2-3% of the characters. This is run 'normally'. Also, if a format handles encoding, it is run with -enc:utf8. When this 'garbage' is run as utf8 mode, it will only find 'some' of the candidates (a large percentage). However, it is the exact same number for each hash (except Cash2, which uses fewer passwords). However, the test suite DOES test for these type PW's. It is how the bug in BF was found. Jim.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ