Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 6 Jul 2015 21:02:09 +0800
From: Kai Zhao <>
Subject: Re: more robustness

Hi Alexander,

> No, that's not the only aspect in which it differs from actual cracking.
> As I wrote above, "--test performs only very basic testing, hashing one
> password at a time (albeit in different key indices)".

To test all the keys at a time and incorrect passwords, I create a patch.

The fmt_self_test_body_full() function is based on the oldest formats.c

There are mainly two changes:

1. Replace  format->methods.set_key(current->plaintext, index);
   with fmt_set_key_test_full(current->plaintext, max, format);
The new one will set all the keys from 0 to max_keys_per_crypt - 1,
and the first key is the right one and all the other keys are wrong.

2. Change cmp_all(), cmp_one(), cmp_exact(), since the first one
is expected right, and all the others are expected wrong.

However, there are two bugs with this patch.

1. As it is based on the old formats.c, it does not support dynamic
and some formats.

2. Some formats may emit false positives, but this patch considers
all the false positives are wrong.



Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ