Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 19 Feb 2014 21:50:02 +0100
From: magnum <>
Subject: Re: Increase format length limit

On 2014-02-19 19:49, Solar Designer wrote:
> On Wed, Feb 19, 2014 at 07:39:50PM +0100, Miguel S?nchez wrote:
>> So it seems that I have to change more code but I don't know where is it.
> The limit of 15 for this format is there for good technical reasons.
> There would be ~2x slowdown for longer candidate passwords, and
> supporting them in the same code is not trivial (although it can be
> done - yes, changing way more code, and in fact writing extra code).
> If you need to crack longer md5crypt passwords, we currently recommend
> that you run on a system supporting md5crypt natively (e.g., any recent
> Linux) and use the --format=crypt option.  It will run a few times
> slower, but it will crack those longer passwords.

In bleeding-jumbo, we do have a format that is most likely faster than 
the crypt(3) format and supports up to length 125. It's the "aix-smd5" 
format. Just like md5crypt, it supports normal md5crypt as well as AIX 
SMD5. It has lived in unused/ but I just now moved it into service so a 
fresh pull of bleeding-jumbo will do the trick.

Before J1 release, we might want to revise the name/description of this 
format and/or document this better.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ