Date: Wed, 21 Dec 2005 14:06:57 +1100
From: "David Luyer" <david@...er.net>
To: <john-users@...ts.openwall.com>
Subject: RE:  john improvement suggestions

> First of all, thank you for your suggestions - and thank you for posting
> them in here rather than sending them to me privately. :-)
> 
> On Mon, Dec 19, 2005 at 09:48:30PM +0000, Radim Horak wrote:
> > 1. Bugs and annoyances
> > - I have passwords (Traditional DES) from some old linux box, that are
> > longer than 16 chars, i.e. consist of 3 hashes (crypt24?). John ignores
> > such passwords completely. I have tested them by manually cutting them.
> > The 3rd hash uses salt from the beginning of 2nd hash as 2nd hash uses
> > the salt from beginning of the 1st hash. I cannot provide the hashes
> > nor do I have access to that old linux box.
> 
> Yes, this should be implemented, but I wanted to see some samples from
> commercial Unices first:
> 
> 	http://article.gmane.org/gmane.comp.security.openwall.john.user/165

From memory on OSF/1 (and thus Digital Unix/Tru64), this is simpler;
any password over 8 chars is stored as the two salt chars followed by
n x 11 characters, all using the same salt.

Cracking longer passwords may be more efficient than short ones in
this scheme, because:

	- all the early segments are known to be 8 characters and share
	  the same salt

	- the end segment has a high probability of having less than
	  8 characters (and for that matter less than 7)

So you can have one machine looking at all segments and using 8
characters, and another machine doing shorter passwords against
the final segments (and share the resulting john.pot entries
between the two).

David.
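As an added example (not code from the post or from John the Ripper), the following Python unpacks the OSF/1/Tru64 layout David describes from memory (two salt characters followed by n x 11-character segments, one per 8-character chunk of the password, all under one salt), verifies a candidate against it, and flags such entries in a shadow-style listing so an administrator can see which accounts rely on a long password that is really n independent 8-character hashes. It assumes that from-memory layout is accurate; `crypt_fn` is any crypt(3)-compatible callable (e.g. `crypt.crypt` where Python still ships it), and the sample shadow lines and helper names are constructed for the example.

```python
from typing import Callable, List

CRYPT_ALPHABET = set("./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz")
CHUNK = 8   # traditional DES crypt(3) uses at most 8 password characters
TAIL = 11   # crypt(3) output minus its 2-character salt

# Constructed sample entries: one segmented DES hash (2 + 2*11 chars), one modern hash.
SAMPLE_SHADOW = ["legacy:abABCDEFGHIJKabcdefghijk", "modern:$6$saltsalt$notADEShashAtAll"]


def split_segments(stored: str) -> List[str]:
    """Unpack a stored hash (2 salt chars + n x 11 chars) into n ordinary
    13-character crypt(3) strings that all share the same salt."""
    if len(stored) < 2 + TAIL or (len(stored) - 2) % TAIL:
        raise ValueError(f"length {len(stored)} is not 2 + 11*n")
    if not set(stored) <= CRYPT_ALPHABET:
        raise ValueError("character outside the crypt(3) alphabet")
    salt, body = stored[:2], stored[2:]
    return [salt + body[i:i + TAIL] for i in range(0, len(body), TAIL)]


def chunk_password(password: str) -> List[str]:
    """Cut a password the way the scheme hashes it: every piece but the
    last is exactly 8 characters, the last one is 1..8 (or empty)."""
    return [password[i:i + CHUNK] for i in range(0, max(len(password), 1), CHUNK)]


def build_segmented(password: str, salt: str, crypt_fn: Callable[[str, str], str]) -> str:
    """Store a password as the scheme does: crypt(3) of each chunk under the
    same salt, with the repeated salt of the later segments dropped."""
    return salt + "".join(crypt_fn(c, salt)[2:] for c in chunk_password(password))


def verify_segmented(password: str, stored: str, crypt_fn: Callable[[str, str], str]) -> bool:
    """Check a candidate against a stored segmented hash; crypt_fn(text, salt)
    must behave like crypt(3)."""
    segments, chunks = split_segments(stored), chunk_password(password)
    if len(chunks) != len(segments):
        return False
    return all(crypt_fn(c, stored[:2]) == s for c, s in zip(chunks, segments))


def audit_shadow(lines: List[str]) -> List[dict]:
    """Report, per user:hash line, whether the hash is segmented and the
    password length range that implies. Each segment stands alone with at
    most 8 characters of input, so such accounts gain nothing from length
    and should be migrated to a modern hash."""
    out = []
    for line in lines:
        user, stored = line.split(":")[:2]
        try:
            n = len(split_segments(stored))
        except ValueError:
            out.append({"user": user, "segmented": None, "note": "not DES crypt"})
            continue
        out.append({"user": user, "segmented": n > 1, "segments": n,
                    "min_len": CHUNK * (n - 1) + 1 if n > 1 else 0, "max_len": CHUNK * n})
    return out
```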
