Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Dec 2005 22:31:50 +0000 (UTC)
From:  Radim Horak <yesbody@...nam.cz>
To: john-users@...ts.openwall.com
Subject:  Re: john improvement suggestions - big-bigcrypt hash

Solar Designer <solar@...> writes:

> I am just not sure what happens for passwords in excess of 16
> characters.  Is there a third 8/11 characters block?  Does it similarly
> use characters from the second hash block as the salt?  I think so, but
> I am not 100% sure.
>

Yes, of course, you are right. I went through the trouble to generate shiny new 
hash for testing purposes:

bigcrypt:
hash123:f8.SVpL2fvwjkAnxn8/rgTkwvrif6bjYB5c

can be disassembled as follows:
hash1:f8.SVpL2fvwjk
hash2:.SAnxn8/rgTkw
hash3:Anvrif6bjYB5c

The actual password is: "This is very long passwd" (w/o quotes :)

-Radim

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ