Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 19 Feb 2014 22:49:23 +0400
From: Solar Designer <solar@...nwall.com>
To: Miguel S?nchez <m.s.martiarena@...il.com>
Cc: john-dev@...ts.openwall.com
Subject: Re: Increase format length limit

Hi Miguel,

Your question would be better posted to john-users, and in fact it had
been brought up in there a few times before.  However, since you chose
to post to john-dev, let me reply in here this time...

On Wed, Feb 19, 2014 at 07:39:50PM +0100, Miguel S?nchez wrote:
> So it seems that I have to change more code but I don't know where is it.

The limit of 15 for this format is there for good technical reasons.
There would be ~2x slowdown for longer candidate passwords, and
supporting them in the same code is not trivial (although it can be
done - yes, changing way more code, and in fact writing extra code).

If you need to crack longer md5crypt passwords, we currently recommend
that you run on a system supporting md5crypt natively (e.g., any recent
Linux) and use the --format=crypt option.  It will run a few times
slower, but it will crack those longer passwords.  Of course, for
performance reasons you'd want to only do this when testing candidate
passwords that are actually 16 characters or longer.  For 15 chars or
less, use the specialized md5crypt format.

(Now, for cracking md5crypt on GPU we'll obviously need to have this
built-in... eventually.  For now, md5crypt-opencl and -cuda are
similarly limited to lengths up to 15.)

> even with other format will be very helpful.

No, this issue is specific to this one format.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ