Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 11 Feb 2018 21:11:15 +0100
From: "Jeroen" <spam@...lab.nl>
To: <john-users@...ts.openwall.com>
Subject: Re: Reading salt that contain semicolum

Jeroen wrote:

>Hi,
>
>Some hashing algorithms use salts that might - and do in some cases - contain
>semicolums. John seems to do some magic, effectively skipping the hash.
>
>bofh@...:~$ echo
>'0123456789abcdef0123456789abcdef$123456789012345678901234567890' > /tmp/hash
>bofh@...:~$ /opt/JohnTheRipper/run/john --format=dynamic_2006 /tmp/hash Using
>default input encoding: UTF-8 Loaded 1 password hash (dynamic_2006
>[md5(md5($p).$s) (PW > 55 bytes)
>256/256 AVX2 8x3])
>Warning: no OpenMP support for this hash type, consider --fork=8 Press 'q' or
>Ctrl-C to abort, almost any other key for status 0g 0:00:00:03  3/3 0g/s
>383538p/s 383538c/s 383538C/s bilbark..107969 Session aborted bofh@...:~$ echo
>'0123456789abcdef0123456789abcdef$1234567890:2345678901234567890' > /tmp/hash
>bofh@...:~$ /opt/JohnTheRipper/run/john --format=dynamic_2006 /tmp/hash Using
>default input encoding: UTF-8 No password hashes loaded (see FAQ) bofh@...:~$
>
>Is there a workaround? HEX$ encoding the salt doesn't seem to be successful.
>
>Thanks,
>
>Jeroen

To prevent misunderstandings: the salt can contain any ASCII 7-bit character. In large sets all ASCII printable characters are present. So --field-separator-char doesn't work without introducing issues with for salts. Using a field separator of an 8 bit value that is not used in the salts, e.g. 0x80, results in a 'trying to use an invalid field separator char: € (must be single byte character)'.

Thanks,

Jeroen

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ