Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 16 Mar 2013 22:15:50 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Cisco - Password type 4 - SHA256

On Sat, Mar 16, 2013 at 9:58 PM, Frank Dittrich
<frank_dittrich@...mail.com> wrote:
> On 03/16/2013 02:54 PM, Dhiru Kholia wrote:
> Your implementation uses PLAINTEXT_LENGTH 125.
> Is the max. length supported by Cisco documented somewhere, or can you
> test it?

It is 25. I have fixed my code.

> Also, can you make sure the algorithm really distinguishes upper and
> lower case characters?

Good point. I will test this today.

> What about trying some non-ascii characters?
> You specified FMT_8_BIT, so you should verify that those characters are
> not "truncated" to 7 bits (or even converted to UTF-8).

Sorry. I don't understand this stuff at all.

> The valid() implementation could need additional checks.

Right. I was racing to finish this format ;). I will fix this soon.

-- 
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ