Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 10 Feb 2018 21:49:56 +0100
From: Jeroen <spam@...lab.nl>
To: john-users@...ts.openwall.com
Subject: Reading salt that contain semicolum

Hi,

Some hashing algorithms use salts that might - and do in some cases - 
contain semicolums. John seems to do some magic, effectively skipping 
the hash.

bofh@dev:~$ echo 
'0123456789abcdef0123456789abcdef$123456789012345678901234567890' > 
/tmp/hash
bofh@dev:~$ /opt/JohnTheRipper/run/john --format=dynamic_2006 /tmp/hash
Using default input encoding: UTF-8
Loaded 1 password hash (dynamic_2006 [md5(md5($p).$s) (PW > 55 bytes) 
256/256 AVX2 8x3])
Warning: no OpenMP support for this hash type, consider --fork=8
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:03  3/3 0g/s 383538p/s 383538c/s 383538C/s bilbark..107969
Session aborted
bofh@dev:~$ echo 
'0123456789abcdef0123456789abcdef$1234567890:2345678901234567890' > 
/tmp/hash
bofh@dev:~$ /opt/JohnTheRipper/run/john --format=dynamic_2006 /tmp/hash
Using default input encoding: UTF-8
No password hashes loaded (see FAQ)
bofh@dev:~$

Is there a workaround? HEX$ encoding the salt doesn't seem to be 
successful.

Thanks,

Jeroen

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ