Date: Wed, 11 Jul 2012 13:56:02 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: ./john --show for formats with FMT_NOT_EXACT flag set

On 06/26/2012 03:30 PM, Solar Designer wrote:
> On Tue, Jun 26, 2012 at 02:31:04PM +0200, Frank Dittrich wrote:
>> Shouldn't john --show somehow show that there are 2 possible passwords
>> for 2, maybe by printing 2 separate lines?
> [...]
>> For FMT_NOT_EXACT we could also treat just those password hashes as left
>> to crack for which we don't have any password in the pot file.
>> Thoughts?
> 
> These are reasonable suggestions, although I imagine that for the latter
> the user will want to choose what to do.

What would be the use of --show=LEFT for formats with FMT_NOT_EXACT?
OK, it would convert any valid hash into the canonical hash
representation, get rid of all other columns except user name and hash,
and it would remove duplicate lines.

But to keep current behavior with a default config, a new config setting
which has to be changed by the user to get the new behavior would be OK
as well.

BTW: why does CRC32 have the FMT_NOT_EXACT flag set?
IMHO, this flag should indicate that the implementation used a shortcut,
e.g., for performance reasons, and could produce false positives.
A hash collision (as with CRC32) is different.
If you found a password for that hash, it is valid, no matter how many
other passwords there may be for the same hash.

The only reason to keep this flag set for CRC32 is if you do have other
hashes for slower salted formats, and you assume that the passwords used
for those other hashes are similar to the passwords used for CRC32.
In this case it makes sense to find as many valid passwords as possible
for CRC32, because you want to use those passwords as candidates for the
slower formats...

Frank
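
The distinction drawn in the message above, between a genuine CRC32 collision and a false positive from a shortcut comparison, shown as an added illustration that is not part of the original message and is not John the Ripper code. The candidate generator, the 16-bit `shortcut_match` and all function names are assumptions made up for this sketch.

```python
import hashlib
import zlib

def crc32(pw: bytes) -> int:
    return zlib.crc32(pw) & 0xFFFFFFFF

def candidates(n):
    # Constructed, deterministic stand-in for a wordlist: 10 hex characters each.
    for i in range(n):
        yield hashlib.sha256(str(i).encode()).hexdigest()[:10].encode()

def find_pair(key, limit):
    """Return the first two distinct candidates whose key(crc32) values are equal."""
    seen = {}
    for pw in candidates(limit):
        k = key(crc32(pw))
        if k in seen and seen[k] != pw:
            return seen[k], pw
        seen.setdefault(k, pw)
    raise LookupError("no pair found within limit")

def verify(pw: bytes, stored: int) -> bool:
    # Full check: for CRC32 the 32-bit value is the entire hash, so any
    # password that passes this is a valid password for that hash.
    return crc32(pw) == stored

def shortcut_match(pw: bytes, stored: int) -> bool:
    # Hypothetical shortcut (assumption): compare only the low 16 bits.
    return (crc32(pw) ^ stored) & 0xFFFF == 0

if __name__ == "__main__":
    # Case 1: a real collision on the full hash. Both passwords are valid.
    a, b = find_pair(lambda h: h, 400_000)
    stored = crc32(a)
    print("hash %08x" % stored)
    for pw in (a, b):
        print("  %s  verify=%s" % (pw.decode(), verify(pw, stored)))

    # Case 2: a match that exists only because of the shortcut. The second
    # candidate passes the partial comparison but is not a password for the hash.
    c, d = find_pair(lambda h: h & 0xFFFF, 5_000)
    stored = crc32(c)
    print("hash %08x" % stored)
    for pw in (c, d):
        print("  %s  shortcut=%s  verify=%s"
              % (pw.decode(), shortcut_match(pw, stored), verify(pw, stored)))
```

In the first case every listed password authenticates against the stored value; in the second, only the full comparison separates the real password from the false positive.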
