Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Feb 2013 20:51:19 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: NTLMv1 and MSCHAPv2

On 2 Feb, 2013, at 16:12 , Solar Designer <solar@...nwall.com> wrote:
> On Fri, Feb 01, 2013 at 11:10:48PM +0100, magnum wrote:
>> On 1 Feb, 2013, at 19:48 , magnum <john.magnum@...hmail.com> wrote:
>>> BTW when I implemented that, I was wondering if we could not add a late-reject for these cases: If binary() returns NULL we got a late reject. Would it be too late to efficiently handle that in loader?
>> 
>> Only after fixing the above, I went on with this. This trivial patch works like a charm:
> 
> Didn't you say you implemented the 3rd DES block cracking in valid()
> first?  Do you feel late-reject on binary() is somehow cleaner?  Yes,
> this lets you avoid the caching from valid()...

The idea was initally for some of the non-hash formats. Their valid() tend to get very complicated. But I realize now they use salt(). Supporting NULL-reject from salt() might get out of hands...


> Oh, here's an idea: maybe your patch to the loader could handle the
> special case I explained above?  If valid() returned non-zero, but the
> format was not previously detected, set a flag (just an int variable
> local to the loader).  Then if binary() returns NULL and the flag is
> set, "undetect" the format and probe other formats' valid() methods for
> this line and (if still not detected) for further lines, like it's done
> normally.  If binary() returns non-NULL, then the format is detected for
> real and the flag should be reset.  (Need to take a look at the code to
> determine if an extra flag variable is actually needed, or maybe these
> conditions can be inferred from the variables we already have.)

That sounds viable. But since this can't be used for the non-hash formats I had in mind, I might revert the whole thing instead. I'll ponder this for a while.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ