Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 13 Oct 2017 20:24:02 +0200
From: Albert Veli <albert.veli@...il.com>
To: john-users@...ts.openwall.com
Subject: Hex-encoding of words

Hi Magnum et al.

During the recent passwordctf I used john in parallell with hashcat and
noticed that hashcat encodes some words using hex format.

Pasted from IRC:

20:04 < trebla> btw, there are some passwords that I found with hashcat
that can't be sent as ascii or utf-8, for instance:
20:04 < trebla> a7b12496acf916b593bda55d3b7562dcc7c9c337:$HEX[7300733932]
20:04 < trebla> aa6122c3e8239538db9beff5fd4ca1e4e77045d9:$HEX[3434003536]
20:04 < trebla> e15310184d6a28e3c043a462c06d61e2e2a28b98:$HEX[2d002d3933]

What is your opinion on supporting this hex-syntax for john? It would make
interoperability between john and hashcat easier.

The obvious corner case to look out for is if the password actually begins
with the ascii string '$HEX[' :-)

In that case john has to make sure it is always encoded using hex format,
for instance like this:

$HEX[244845585b6a6f686e5d]

The password in this case would be:

 echo '244845585b6a6f686e5d' | xxd -r -ps

$HEX[john]


Cheers!

Albert

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ