Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 09 Jun 2012 02:04:16 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Was: RE: [john-users] JtR to process the LinkedIn
 hash dump

On 06/08/2012 05:49 PM, jfoug wrote:
> Note, the newest patch DOES work properly, when run against a .pot file
> built with an older version.  Thus, I am happy with this version.  NOTE, it
> may be wise to use the new version, on an empty .pot file, against the full
> database.  This will build a .pot file that is canonical, only 1 hash entry,
> and fully 'proper' dynamic_26 format.

In case anyone wonders: I committed Jim's patch to bleeding-jumbo but 
later reverted it because there were problems with --show that might not 
be fixable without hacking core. We'll ponder that for a while. In the 
meantime, the workaround is back to using the cracked entries as a 
wordlist for another crack, which will get the crippled/uncrippled dupes.

Dang, for a while I thought this idea was beautyful.

> But again, this is only a bleeding edge build, with the get_source().  There
> is no way at all to do this, prior to get_source() being around, without
> hacking into core john.

Lacking that, I also tried implementing the second-best alternative to 
magnum-jumbo: Always store a crippled hash. But it turned out this has 
very similar problems so that was never committed.

magnum


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ