Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 6 Jun 2011 03:51:56 +0200
From: Jean-Michel <jtr@...izoku.org>
To: john-users@...ts.openwall.com
Subject: Re: Issues with gen_md5 new linking method

Well, I really have a silly database....

Your patch nearly solved the problem. Except that I have entries with salt
beginning with "$$" too !
So the error still is "unknown salt string  $$7".

Isn't it "easier" to add a loader flag, like "MGF_SALT_BASE16", that simply
tells the md5_gen loader to unhex the salt(s)/fields after parsing ?
That was how the previous PHPS module was written (I mean with an hexencoded
salt). Maybe it will be also useful to further formats and it may
uncomplexify your salts/fields parser.

But if you want to try other things, feel free to send me patches and I'll
try them against my database ASAP. It's quite uge so I can't easily spot
problematic entries to give them to you.


--
Jean-Michel


2011/6/6 JFoug <jfoug@....net>

> I have gotten your .pot file.
>
> The problem stems from having the first character of the salt be a '$'
> char. There is some 'magic' logic within the salt function, since md5_gen
> has to handle a totally 'unknown' salt condition. There can be a salt, a 2nd
> salt, the user name, and up to 10 fields.   The salt starts with a $s. The
> 2nd salt starts with $$2  the user id starts with $$U,  then the fields
> start with $$Fx where x is 0 to 9
>
> So, what I 'believe' the code does, is if the first char of the salt is a
> '$', then the salt function, grabs the entire salt (including the leading
> $).  The logic behind this, was I was assuming that seeing the salt start
> with $$ meant that there was a complex salt (which is broken apart later),
> such as $$Uuser$$F2field2   So, the pointer that a 'normal' salt would copy
> from is $Uuser$$F2field2, but the code is detecting the first $$ and backing
> up and getting the whole thing, in preparation to later rip out the user ID,
> and Field2 data.
>
> However, in this case, we have a simple salt, and the salt starts with a
> '$' char.  Thus, the code is returning $$xy for the salt value, instead of
> the proper $xy.
>
> I can make a simple fix to get this operating properly, and then put this
> on my todo list.
>
> I have attached the patch here, since it is such a trivial patch.  Please
> let the list know if this resolves the problems you have seen.  Also, if
> there still are additional problems, then if you can get me a file (offline
> again) that demonstrates this, I will continue getting it fixed.  I have not
> placed this patch on the wiki, and will wait to hear if this corrects
> Jean-Michel's problem before I place it there.
>
> Jim.
>
> ----- Original Message ----- From: "Jean-Michel" <jtr@...izoku.org>
> To: <john-users@...ts.openwall.com>
>
> Sent: Sunday, June 05, 2011 5:25 PM
> Subject: [john-users] Issues with gen_md5 new linking method
>
>
>
>  Hello,
>>
>> with the version 1.7.7 and the new jumbo patches, the method to link a
>> format to a gen_md5() one has changed.
>> For example, the old PHPS format now links to gen_md5(6) as a "thin"
>> format.
>> But with that, I can't load my database anymore because the salt used in
>> this format as to be in "raw" format instead of base16.
>> I have entries were the salt begins with "$" for example (or contains
>> specials chars such as "\r"), and that totally messes the md5_gen parser.
>>
>> Is it already on the TODO-list to add a flag to allow the salt to be
>> hex-encoded ?
>> I haven't seen a simple way to do so just by modifing the thin module...
>>
>> Thanks.
>>
>>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.