Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 26 Mar 2012 10:56:09 +0200
From: magnum <>
Subject: Re: [JtR patch] Fast cracker for Mozilla Firefox, Thunderbird
 and SeaMonkey master passwords.

On 03/26/2012 10:26 AM, Dhiru Kholia wrote:
> On Mon, Mar 26, 2012 at 1:48 PM, magnum <> wrote:
>> Because that buffer overrun of globalSalt overwrites the fd! So you are
>> calling fseek with a trashed file descriptor.
>> I suppose it should be globalSalt[25] now. I see from the comments it
>> has grown over time (with newer versions of Mozilla) from 16 but they
>> forgot to bump the size in the struct.
> Cool, understood. Can you commit the fixed version?

OK, done.

> Also, the speed of the format has gone down since my first release (is
> it due to moving of memcpy to crypt_all which is required for OMP
> support?).

No, that is very small and quick. I'm not sure, I see nothing wrong from
a quick look.

I can't see any obvious reason it doesn't scale better either - it
spends 95% in (and below) crypt_all() where everything should be MT. But
I only get 161% when running on two threads. I think this format is slow
enough to scale much better than that.

I would correct your backwards use of get_salt() / set_salt() as Jim
suggested before doing anything else, but that's not really the reason
here as I'm just testing with one salt.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.