Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 24 Jul 2012 08:16:42 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Current -fixes GPU formats vs TS

On 07/24/2012 03:38 AM, magnum wrote:
> That script does not work well. For example, it considers this a
> password from mscash_tst.in:
> 
> "characters__17:mscash (user name required for salt in john's format):"
> 
> where the actual password is just "characters__17".
> 
> I think this is better for most files:
> grep -v '^#!comment:' $1 | cut -d: -f5 | perl -ne 'use bytes; chomp;
> print length, "\n"' | sort -n | uniq -c | sort -nk2

Because the test suite works if passwords can contain colons, and
apparently indeed contains passwords with colons, you'd have to remove
the fields after the password (using sed, I guess), and then cut -d: -f
5- -s (or just grab the password using sed instead of cut.

$ grep : *.dic
pw-utf8.dic:!¿«´¯k®åzyi3()y¯`»?¡: i
pw-utf8.dic:bmk:0
pw-utf8.dic:salmos51ç:10
pw-utf8.dic:akmali:)
pw-utf8.dic:smile:]

Shouldn't other dictionaries also contain a few passwords with a colon,
just to be sure?

Frank

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ