Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Sep 2013 00:14:33 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: mask mode bug

On 4 Sep, 2013, at 0:03 , magnum <john.magnum@...hmail.com> wrote:
> I see another problem too: With 8-bit masks, eg. [\x20-\xff] (you need to escape or quote the backslashes in the shell unless adding it as ?A in rpp.c), it cracks hashes but you get false result from get_key (the worst bug next to false negatives!). The first character is garbage. Possibly a signed char problem? It works fine with CPU formats.

OK, I see false first characters even not using 8-bit. And false negatives.

OpenCL:
$ rm new.pot && GWS=4096 ../run/john ~/john/test/bigtest.rawmd5 -form:raw-md5-opencl -pot:new.pot -mask=?a?a
Device 1: GeForce GT 650M 
Local worksize (LWS) 64, global worksize (GWS) 2048
Loaded 61747 password hashes with no different salts (Raw-MD5-opencl [MD5 OpenCL (inefficient, development use only)])
Using kernel md5_ccc...
Press 'q' or Ctrl-C to abort, almost any other key for status
CS               (marlid36)
r1               (u ballzza)  <-- wrong result!!
JE               (Nitewing)
3g 0:00:00:00 4.285g/s 1.428p/s 12892c/s 796095KC/s   ..  
Warning: passwords printed above might not be all those cracked
Use the "--show" option to display all of the cracked passwords reliably
Session completed

CPU:
rm new.pot && ../run/john ~/john/test/bigtest.rawmd5 -form:raw-md5 -pot:new.pot -mask=?a?a
Loaded 61747 password hashes with no different salts (Raw-MD5 [MD5 128/128 AVX 12x])
Press 'q' or Ctrl-C to abort, almost any other key for status
21               (u ballzza)
CS               (marlid36)
JE               (Nitewing)
hi               (horny weeiner)
lg               (larjar82)
me               (_Jok3R_)
yo               (yo)
7g 0:00:00:00 700.0g/s 902500p/s 902500c/s 55724MC/s ~~
Warning: passwords printed above might not be all those cracked
Use the "--show" option to display all of the cracked passwords reliably
Session completed

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ