Date: Mon, 20 Jun 2011 00:41:44 +0200 From: magnum <rawsmooth@...dband.net> To: john-dev@...ts.openwall.com Subject: Either my test script is b0rken or BF has an 8-bit bug Can someone having access to an OpenBSD system verify the enclosed Blowfish hash? Or produce a correct one: It is supposed to be a single pound sign in ISO-8859-1, but I can't crack it (or any other non-ascii) with John. It's produced using Perl, Authen::Passphrase and I suspect the bug (or feature) is in that one. I read stdin as raw, which is usually what works best with Authen::Passphrase for non-Unicode formats and non-ascii plaintexts. I have also tried to read stdin with binmode set to iso-8859-1 and a couple other variants but nothing I've tried gets me a crackable hash. I suspected Perl somehow ended up crypting the UTF-8 byte sequence for a pound sign, but that's not it (and I can't get it to do that on purpose either) The format is supposed to handle 8-bit, right? It says so in the struct. magnum View attachment "BF_poundsign_ansi.hash" of type "text/plain" (145 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.