Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Dec 2005 14:06:57 +1100
From: "David Luyer" <david@...er.net>
To: <john-users@...ts.openwall.com>
Subject: RE:  john improvement suggestions

> First of all, thank you for your suggestions - and thank you for posting
> them in here rather than sending them to me privately. :-)
> 
> On Mon, Dec 19, 2005 at 09:48:30PM +0000, Radim Horak wrote:
> > 1. Bugs and annoyances
> > - I have passwords (Traditional DES) from some old linux box, that are
> longer
> > than 16 chars, ie. consist of 3 hashes (crypt24?). John ignores such
> passwords
> > completely. I have tested them by manually cutting them. The 3rd hash
> uses salt
> > from the beginning of 2nd hash as 2nd hash uses the salt from beginning
> of the
> > 1st hash. I cannot provide the hashes nor I have access to that old
> linux box.
> 
> Yes, this should be implemented, but I wanted to see some samples from
> commercial Unices first:
> 
> 	http://article.gmane.org/gmane.comp.security.openwall.john.user/165

>From memory on OSF/1 (and thus Digital Unix/Tru64), this is simpler;
any password over 8 chars is stored as the two salt chars followed by
n x 11 characters, all using the same salt.

Cracking longer passwords may be more efficient than short ones in
this scheme, because:

	- all the early segments are known to be 8 characters and share
	  the same salt

	- the end segment has a high probability of having less than
	  8 characters (and for that matter less than 7)

So you can have one machine looking at all segments and using 8
characters, and another machine doing shorter passwords against
the final segments (and share the resulting john.pot entries
between the two).

David.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ