Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 15 Aug 2011 16:28:28 +0200
From: groszek <>
Subject: Variable length hash cracking

I'm currently playing around adding a "special" type of attack on
hashes. Basically it's all the standard "raw" algorithms, but able to
crack the hash even if we have only N chars of the hash.

For example:
md5(password) = 5f4dcc3b5aa765d61d8327deb882cf99

Now let's say I only have "5f4dcc3b" of the hash. Because someone did a
showup after his 0-day and blurred out other parts of the screen, so
only beginning of the hash is shown. Is it possible to crack this hash?
Absolutly yes. Of course, the less chars we have the more plausible it
is for fake-positive crack to show up, and that's another question from me.

Basically, I have two problems:
1. how can I implement cmp_all() in my custom format? I want to memcmp()
only as much chars, as the file we're cracking gives. If I have an entry
with "lol:5f4dcc3b" I want it to memcmp(binary, crypt_out, 4). How do I
get this length? I tried the obvious to get it from functions split() or
valid() but it's no-go, it sets to the length of test suite or just
anything else. Of course one file may contain hashes with 4 bytes or 5
bytes or anything between 3-16 bytes in case of example md5. So my
compare function should take it into account and always use the valid
length for given entry.

2. I want jtr to save "cracked" candidate passwords, but not remove
given entry from the cracking process. Because of plausible fake
positives it is pretty much required.

Any help? Thanks in advance!

btw. I'm simply trying to port braindead, old project of mine that had
this feature into JTR with it's superior word generator and such :)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.