Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 1 Aug 2015 23:23:00 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags

On Sat, Aug 1, 2015 at 5:55 AM, magnum <john.magnum@...hmail.com> wrote:
>
> On 2015-07-30 10:13, Kai Zhao wrote:
>>
>> On Mon, Jul 27, 2015 at 11:03 PM, <jfoug@....net> wrote:
>>>
>>> I do believe that the sapH format 'should' have the FMT_CASE flag.
>
>
>> You can see that in step 4, john does not crack with "OpenWalL", but
>> in step 6, john cracks with "OpenWall".
>> So sapH's passwords should be case-sensitive. The saph should
>> set FMT_CASE flag?
>
>
> Yes, Frank confirmed this too.
>

Maybe "OpenVMS" should NOT set FMT_CASE.

1. Get two hash from vms_fmt_plug.c's test vector.

{"$V$9AYXUd5LfDy-aj48Vj54P-----", "USER"},
{"$V$p1UQjRZKulr-Z25g5lJ-------", "service"},

2. Copy the hash to pwfile.

$ cat pwfile

$V$9AYXUd5LfDy-aj48Vj54P-----
$V$p1UQjRZKulr-Z25g5lJ-------

3. cat password.lst, (case has CHANGED)

usER
SERvice

4. run

$ rm -f ../john.pot && ../john pwfile --skip-self-test --format=openvms
--wordlist=password.lst

Using default input encoding: UTF-8
Loaded 2 password hashes with 2 different salts (OpenVMS, Purdy [32/64])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
SERvice          (?)
usER             (?)
2g 0:00:00:00 DONE (2015-08-01 23:16) 200.0g/s 200.0p/s 400.0c/s 400.0C/s
usER..SERvice
Use the "--show" option to display all of the cracked passwords reliably
Session completed

John cracked the two passwords.

"USER"  -> "usER"
"service" -> "SERvice"

But vms_fmt_plug.c has set FMT_CASE. Should we remove this flag ?


Thanks,

Kai

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ