[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 17 Jun 2011 18:35:22 +0200
From: magnum <rawsmooth@...dband.net>
To: john-dev@...ts.openwall.com, thes3nf@...glemail.com
Subject: Re: Even more mscash & mscash2 fixes
On 2011-06-15 22:44, magnum wrote:
> Still, there is a major problem in mscash2: As far as I can tell, the
> maximum supported salt length is supposed to be 19 characters. Unless
> my generator script is to blame, John fails to crack any hash with a
> salt longer than 8 characters. The self-test I included with saltlen
> 19 is currently commented out. Unless this is fixed, the max length
> check in valid() should be really be decreased from 19 to 8.
>
> Is the original author, S3nf, a subscriber here? From what I can tell,
> the problem is in the PBKDF2 - the other stuff exists in mscash and
> works fine with up to 19 characters.
...
> I am NOT 100% sure this salt length problem is not actually a problem
> with Crypt::PBKDF2. Other stupid bugs exist in it. But I have failed
> to g00gle test hashes and I have no Vista/2008/Win7 gear to make real test
I have now confirmed my test files are correct, the format is buggy. I
cc'd s3nf in case he's not on this list.
magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
