Date: Mon, 8 Jun 2015 11:29:29 -0400 From: <jfoug@....net> To: john-dev@...ts.openwall.com Subject: Re: Fuzzing Report on hashes ---- Solar Designer <solar@...nwall.com> wrote: > Thanks! I see that Jim fixed the former, and declared the latter > invalid (sorry I didn't look into it closer). Thanks, Jim! I did not add N to the valid() within django scrypt. We might want to look at that. A hash with N > 32 (>=32?) will always fail. It is that way now, but I do not know if that is also the case using the other scrypt code. I did not add the valid check now, but with the change if that one line input file (with the N=41) is run, then john will appear to be doing work, BUT no passwords are ever checked. However, the format will run really fast, lol.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ