Date: Thu, 28 Jun 2012 18:32:32 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: Shouldn't the TS work with a pw.dic in reversed order as well?

Before you get 'too' worked up about this, make SURE that the tools you are
using can handle BUSTED binary data.  If it has some encoding, then it will
likely change the PW files.

$ sort pw.dic > p
sort: string comparison failed: Invalid or incomplete multibyte or wide
character
sort: Set LC_ALL='C' to work around the problem.
sort: The strings compared were `\337\3375' and `\367__5'.

Note to sort the thing, I must do this:

LC_ALL='C' sort pw.dic > p

Try running john's unique on the file.  If you did a reverse of pw.dic to
pr.dic, then try this:

Unique -inp=pw.dic p -ex_file=pr.dic

That better end up with 0 lines.  If not, then pr.dic was not the same (but
in reverse order).

Jim.

>-----Original Message-----
>From: Frank Dittrich [mailto:frank_dittrich@...mail.com]
>Sent: Thursday, June 28, 2012 5:29 PM
>To: john-dev@...ts.openwall.com
>Subject: Re: [john-dev] Shouldn't the TS work with a pw.dic in reversed
>order as well?
>
>On 06/29/2012 12:17 AM, magnum wrote:
>> On 2012-06-29 00:10, Frank Dittrich wrote:
>>>  form=dynamic_2                    guesses: 1482 time: 0:00:00:00 :
>>> Expected count(s) (1500)  [!!!FAILED!!!] Exiting on error.  The pot
>>> file ./tst.pot contains the found data The command used to run this
>>> test was:
>>>
>>> ../run/john -ses=./tst -nolog -pot=./tst.pot dynamic_2_tst.in
>>> --wordlist=pw.dic 2>&1 >/dev/null
>>>
>>>
>>> Other formats that fail:
>>
>> Interesting find. I used to do "shuf pw.dic.orig > pw.dic" for similar
>> adventures.
>>
>>
>>> form=dynamic_2-raw                guesses: 1482 time: 0:00:00:00 :
>>> Expected count(s) (1500)  [!!!FAILED!!!]
>>> .pot CHK:dynamic_2-raw            guesses: 1482 time: 0:00:00:00
>[PASSED]
>
>[...]
>
>> It's very consistent :)
>
>Yes.
>
>>> form=hmac-sha1                    guesses:  730 time: 0:00:00:09 :
>>> Expected count(s) (1500)  [!!!FAILED!!!]
>>> .pot CHK:hmac-sha1                guesses:  730 time: 0:00:00:01
>[PASSED]
>>>
>>> So, for hmac-sha1 at least the password count is the same if we
>>> reverse the order of candidates tried.
>>
>> You did not pull the fix Jim authored? This problem should be long
>gone.
>
>I did pull, but fortunately I didn't rebuild john.
>Otherwise I wouldn't have stumbled over the other cases.
>
>Will repeat the test after make clean..., and with other .dic files
>reversed as well.
>
>Frank
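
Added example (not part of the original thread or of John the Ripper's test suite): a byte-safe check that a reordered wordlist still holds exactly the same lines, built on the `LC_ALL=C` sort from the message above. The file contents are constructed samples, `diff_count` and `make_samples` are hypothetical helper names, and `pr_bad.dic` simulates a tool that re-encoded the high bytes as UTF-8.

```shell
#!/bin/sh
# Added example. All file contents are constructed samples.

# diff_count A B: number of lines that differ between A and B when both are
# compared as unordered multisets of raw bytes. 0 means same lines, any order.
diff_count() {
    tmp=$(mktemp -d) || return 2
    # LC_ALL=C makes sort and comm compare bytes, so invalid UTF-8 is accepted.
    LC_ALL=C sort "$1" > "$tmp/a"
    LC_ALL=C sort "$2" > "$tmp/b"
    LC_ALL=C comm -3 "$tmp/a" "$tmp/b" | wc -l | tr -d ' '
    rm -rf "$tmp"
}

# make_samples DIR: write three constructed wordlists into DIR.
make_samples() {
    # pw.dic: two entries are the byte strings named in the sort error above.
    printf 'password\n\337\3375\n\367__5\nletmein\n' > "$1/pw.dic"
    # pr.dic: the same lines in reverse order (tac copies bytes unchanged).
    tac "$1/pw.dic" > "$1/pr.dic"
    # pr_bad.dic: reversed, but bytes 0xDF and 0xF7 were rewritten as UTF-8
    # (0xC3 0x9F, 0xC3 0xB7), as a Latin-1 to UTF-8 conversion would do.
    printf 'letmein\n\303\267__5\n\303\237\303\2375\npassword\n' > "$1/pr_bad.dic"
}

demo=$(mktemp -d)
make_samples "$demo"
echo "pr.dic:     $(diff_count "$demo/pw.dic" "$demo/pr.dic") differing lines"
echo "pr_bad.dic: $(diff_count "$demo/pw.dic" "$demo/pr_bad.dic") differing lines"
rm -rf "$demo"
```

A count of 0 means the reordered file is safe to use as a drop-in wordlist; any other count means the file was altered on the way, not just reordered.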
