Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 2 Sep 2015 09:11:42 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: plaintext truncation

On Tue, Sep 1, 2015 at 1:41 PM, magnum <john.magnum@...hmail.com> wrote:

> On 2015-09-01 18:31, Rich Rumble wrote:
>
>> On Tue, Sep 1, 2015 at 12:23 PM, magnum <john.magnum@...hmail.com> wrote:
>>
>> This is now implemented (3701702). The following formats got FMT_TRUNC as
>>> of now: DEScrypt, bcrypt, LM, tripcode, nethalflm, netlm, PST, RACF, sapb
>>> and VNC.
>>>
>>> Some more may need it but these should be the most important ones.
>>>
>>> Old-office has a 15 char limit IIRC.
>>
>
> That rings a bell... but IIRC this only applies to some specific
> version(s), not all the ones supported by our oldoffice format. Perhaps it
> applies to '$oldoffice$0'?
>
I'm not sure how many office formats there are, but prior to 2007, 15 was
the limit imposed by M$.

>
> That does not apply to Outlook however, it uses CRC-32 codes and I
>> don't think length matters there.
>>
>
> Apparently it truncates at 8, so it's got FMT_TRUNC already. I think it
> can find a working (although not neccessarily the original) password in 30
> seconds on average, using just one core of my laptop :-)

I know crc32 is quick :) but johns is not as quick as others, still I can't
complain about 30 seconds, though others find "instant" collisions.
-rich

[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ