Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Wed, 20 Jul 2011 20:18:32 -0500
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: md5_gen ... again

I did list (within code) that this would happen.  This exact case.

		// this code is BROKEN in the case where we have a 'simple'
salt, that starts with a '$'
		// character.  For now, I will simply comment these out, and
they should work fine.  NOTE, this
		// will break complex salts, which do not start with a
'normal' salt.  Something like
		// $$Uuser will now fail (if that is the entire salt).  But
at this time, there are no 'canned'
		// formats that use that, so this patch will work around the
problem, giving me some time to
		// address this for the 'complex' salt case, in a later
version of md5_gen.
//		if (ciphertext[curdat.md5_gen_SALT_OFFSET] == '$')
//			strnzcpy(Salt,
&ciphertext[curdat.md5_gen_SALT_OFFSET-1], SALT_SIZE);
//		else


Thus what is happening, is you have no 'valid' salt  What you have in the
salt 'field' is $$U1234  But due to some other fixes I added, this is
failing.

At this time, until I spend more time coming up with a more generic 'fix', I
would sugest that you build the format this way:

[List.Generic:md5_gen(1400)]
Expression=md5($s.:asterisk:.$p) [Asterisk SIP]
Flag=MGF_SALTED
Func=MD5GenBaseFunc__clean_input
Func=MD5GenBaseFunc__append_salt
Func=MD5GenBaseFunc__append_input1_from_CONST1
Func=MD5GenBaseFunc__append_keys
Func=MD5GenBaseFunc__crypt
CONST1=:asterisk:
Test=md5_gen(1400)4a8e71480c5b1ef0a5d502a8eb98576a$1234:abcd


Yes, I know that is not a 'fix', but I am not going down the knee jerk fix
in the salts until I have a better chance to dig deeper, and get it 'right'.

Jim.

>-----Original Message-----
>From: jm@...izoku.org [mailto:jm@...izoku.org] On Behalf Of Jean-Michel
>Sent: Wednesday, July 20, 2011 6:27 PM
>To: john-users@...ts.openwall.com
>Subject: [john-users] md5_gen ... again
>
>I upgraded from john 1.7.7 to john 1.7.8 with all patches applied.
>
>On x64 build, the patch john-1.7.8-jumbo-2after-MSCash2-many-fixes-
>1.diff
>made some of my md5_gen configuration scripts to fail.
>
>It seems that having the flag MGF_USERNAME without MGF_SALTED breaks the
>format.
>
>For example, for Asterisk SIP secret hashes, I have :
>
>[List.Generic:md5_gen(1400)]
>Expression=md5($u.:asterisk:.$p) [Asterisk SIP]
>Flag=MGF_USERNAME
>Func=MD5GenBaseFunc__clean_input
>Func=MD5GenBaseFunc__append_userid
>Func=MD5GenBaseFunc__append_input1_from_CONST1
>Func=MD5GenBaseFunc__append_keys
>Func=MD5GenBaseFunc__crypt
>CONST1=:asterisk:
>Test=md5_gen(1400)4a8e71480c5b1ef0a5d502a8eb98576a:abcd:1234
>
>This function fails at get_hash[0](0)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ