Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 27 Jul 2015 15:48:15 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags (was: more robustness)

What's the meaning of FMT_CASE ?

/* Uses case-sensitive passwords */
#define FMT_CASE                        0x00000001

Does it mean that the passwords are case-sensitive if FMT_CASE is set ?
The passwords are case-insensitive if FMT_CASE is not set ?

There are some formats that do not set FMT_CASE.

LM, WoWSRP, mssql, nethalflm, netlm, oracle, sapb, saph

I changed the case of passwords, but the self-test is failed. E.g.:

LM_fmt.c

static struct fmt_tests tests[] = {
        {"$LM$a9c604d244c4e99d", "AAAAAA"},
        {"$LM$cbc501a4d2227783", "AAAAAAA"},
        {"$LM$3466c2b0487fe39a", "CRACKPO"},
        {"$LM$dbc5e5cba8028091", "IMPUNIT"},
        {LM_EMPTY LM_EMPTY, ""},
        {"$LM$73cc402bd3e79175", "SCLEROS"},
        {"$LM$5ecd9236d21095ce", "YOKOHAM"},
        {"$LM$A5E6066DE61C3E35", "ZZZZZZZ"}, /* uppercase encoding */
        {"$LM$1FB363feB834C12D", "ZZZZZZ"}, /* mixed case encoding */
        {NULL}
};

$ ./john --test=0 --format=LM
Will run 8 OpenMP threads
Testing: LM [DES 256/256 AVX2-16]... (8xOMP) PASS

Change the first password: "AAAAAA" -> "AAAAAa"

$ ./john --test=0 --format=LM
Will run 8 OpenMP threads
Testing: LM [DES 256/256 AVX2-16]... (8xOMP) FAILED (get_key(0))


Thanks,

Kai

[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ