Date: Fri, 17 Jun 2011 18:35:22 +0200 From: magnum <rawsmooth@...dband.net> To: john-dev@...ts.openwall.com, thes3nf@...glemail.com Subject: Re: Even more mscash & mscash2 fixes On 2011-06-15 22:44, magnum wrote: > Still, there is a major problem in mscash2: As far as I can tell, the > maximum supported salt length is supposed to be 19 characters. Unless > my generator script is to blame, John fails to crack any hash with a > salt longer than 8 characters. The self-test I included with saltlen > 19 is currently commented out. Unless this is fixed, the max length > check in valid() should be really be decreased from 19 to 8. > > Is the original author, S3nf, a subscriber here? From what I can tell, > the problem is in the PBKDF2 - the other stuff exists in mscash and > works fine with up to 19 characters. ... > I am NOT 100% sure this salt length problem is not actually a problem > with Crypt::PBKDF2. Other stupid bugs exist in it. But I have failed > to g00gle test hashes and I have no Vista/2008/Win7 gear to make real test I have now confirmed my test files are correct, the format is buggy. I cc'd s3nf in case he's not on this list. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.