Openwall wordlists collection for password cracking (20+ languages)
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 15 Feb 2012 09:17:52 -0600
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: sha1 + hex salt

Alex, 

I have been looking at this exact same thing.  It 'should' work.  It may be
that I do not send the const values to the demangler code.  I know I did on
salts, etc.  I just have to look.  I was sure I sent the consts there,
because I did this for the PO format (uses 0xF7's or something like that).

I will see what is wrong. It 'could' be that there is some get length using
C's string functions, that is busted, thus the const1 has a length of 0.

Jim.

>From: Solar Designer [mailto:solar@...nwall.com]
>
>The following would work (to be placed in john.conf) if we could encode
>a zero byte in a string:
>
>[List.Generic:dynamic_1999]
>Expression=sha1($p."\0\0\0\0\0\0\0\0")
>Flag=MGF_SHA1_40_BYTE_FINISH
>Func=DynamicFunc__clean_input
>Func=DynamicFunc__append_keys
>Func=DynamicFunc__append_input1_from_CONST1
>Func=DynamicFunc__SHA1_crypt_input1_to_output1_FINAL
>Test=$dynamic_1999$20c59472b34ec4b9678b7149d519a2338bc31ba9:92086390
>CONST1=\x00\x00\x00\x00\x00\x00\x00\x00
>
>Unfortunately, this setting of CONST1 does not appear to work right (so
>this format fails self-test).
>
>Jim - is this something you'd enhance in a future revision of your code?
>Alternatively/additionally, how about supporting hex-encoded salts?
>
>Alexander

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ