Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 20 Jun 2011 02:09:02 +0200
From: magnum <>
Subject: Re: Either my test script is b0rken or BF has an 8-bit

On 2011-06-20 01:20, Solar Designer wrote:
> I've just tried my Perl script on OpenBSD 4.6, invoking crypt().  It
> produced the same hash as I am getting on Owl.  However, that hash is
> not cracked by John, neither with nor without the fix I posted.  I'll
> investigate further.

I just realised I had access to some OpenBSD gear: it's a "4.8 
GENERIC.MP#411 amd64". My terminal settings was very confusing but after 
I hard coded the pound sign as \xa3 it does produce the exact same hash 
as my perl script:

bash-4.1$ cat bf.c
#include <pwd.h>
#include <unistd.h>
#include <stdio.h>

int main()
   char password[] = "\xa3"; // Pound sign in ISO-8859-1
   printf("BF Crypt: %s\n", crypt(password, 
   return 0;
bash-4.1$ cc -o bf bf.c
bash-4.1$ ./bf
BF Crypt: $2a$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.