Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Order Openwall Wordlists CD (20+ languages) with delivery worldwide or download
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Mon, 12 Mar 2007 23:47:09 +0100
From: "Alain Espinosa" <alainesp@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: LM an NTLM combination

I can reproduce the bug with the -4 version. Very intersting bug.

In version 5 i agregate this test in function cmp_one:

344     if(b!=t[1])
345        return 0;

This was because i try blocks of passwords and need a more especific test
(cmp_all could return 1 because only 1 password).

Puting this test in the 4 version fixed the bug. Why this occur? I really
dont know.

I think (-4 version) that before enter to cmp_one john need to enter to
cmp_all and checks the same condition that would make this checks (344,345)
innecesary.

But forget about cmp_all. Insert the lines in -4 patch. Eliminate this lines
(344,345) now could make that at least more or equal hashes pass the test of
cmp_one and the bug (if existed) need to be accept password that dont have
the current hash. But what happens its the opposite. And i dont understand
why in 2 pass john find passwords. Maybe Solar, who know the intrinsics of
john, can explain. I dont undestand.

alain

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux