Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 30 Jul 2015 16:13:05 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags

On Mon, Jul 27, 2015 at 11:03 PM, <jfoug@....net> wrote:
>
> ---- Kai Zhao <loverszhao@...il.com> wrote:
> >
> > If LM is special, how about saph?
> >
> > E.g.:
> >
> > sapH_fmt_plug.c:
> >
> > static struct fmt_tests tests[] = {
> >         {"{x-issha,
> > 1024}hmiyJ2a/Z+HRpjQ37Osz+rYax9UxMjM0NTY3ODkwYWI=","OpenWall"},
> >         ...
> >         {NULL}
> > };
> >
> > This format doesn't set FMT_CASE. So the password is case-insensitive.
> > But if I change "OpenWall" to "OpenWalL", the self-test will fail.
>
> As magnum stated, you can not change the passwords in the test vectors
and have things work.  I do not think the logic that properly cases the
passwords is not done during self test.
>
> I do believe that the sapH format 'should' have the FMT_CASE flag.


I did a try on FMT_CASE with saph which does NOT set FMT_CASE.

1. Get one hash from sapH_fmt_plug.c's test vector.

{"{x-issha, 1024}hmiyJ2a/Z+HRpjQ37Osz+rYax9UxMjM0NTY3ODkwYWI=",
"OpenWall"}

2. Copy the hash to pwfile.

$ cat pwfile

{x-issha, 1024}hmiyJ2a/Z+HRpjQ37Osz+rYax9UxMjM0NTY3ODkwYWI=

3. cat password.lst

123456
OpenWalL

4. run

$ rm -f ../john.pot && ../john pwfile --skip-self-test
--wordlist=password.lst

Using default input encoding: UTF-8
Loaded 1 password hash (saph, SAP CODVN H (PWDSALTEDHASH) [SHA-1/SHA-2
256/256 AVX2 8x])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:00 DONE (2015-07-30 16:05) 0g/s 200.0p/s 200.0c/s 200.0C/s
123456..OpenWalL
Session completed

5. change the "OpenWalL" to "OpenWall"

$ cat password.lst

123456
OpenWall

6. run

$ rm -f ../john.pot && ../john pwfile --skip-self-test
--wordlist=password.lst

Using default input encoding: UTF-8
Loaded 1 password hash (saph, SAP CODVN H (PWDSALTEDHASH) [SHA-1/SHA-2
256/256 AVX2 8x])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
OpenWall         (?)
1g 0:00:00:00 DONE (2015-07-30 16:07) 100.0g/s 200.0p/s 200.0c/s 200.0C/s
123456..OpenWall
Use the "--show" option to display all of the cracked passwords reliably
Session completed

You can see that in step 4, john does not crack with "OpenWalL", but
in step 6, john cracks with "OpenWall".
So sapH's passwords should be case-sensitive. The saph should
set FMT_CASE flag?

Thanks,

Kai

[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ