Date: Tue, 26 Jun 2012 14:18:51 +0200 From: Frank Dittrich <frank_dittrich@...mail.com> To: john-dev@...ts.openwall.com Subject: Re: raw-sha1_li On 06/26/2012 12:12 PM, Andries E. Brouwer wrote: >> In this format, we 'could' remove the raw-sha1_LI, and simply change >> raw-sha1 to behave like this. > > There are two entirely different hashes: > 1. raw-sha1 > 2. raw-sha1 followed by zeroing the first 20 bits > > They should have different names since they differ. > For example, the linkedin dump contains the hashes > > a96807e7bd710592ee36264a72d6aa35c2d165f9 > 000007e7bd710592ee36264a72d6aa35c2d165f9 > > Now sunshine09 has sha1sum > > 3b1787e7bd710592ee36264a72d6aa35c2d165f9 Interesting. If a96807e7bd710592ee36264a72d6aa35c2d165f9 really is a hash of a real password, this probably means raw-sha1-linkedin needs the FMT_NOT_EXACT flag set. Frank
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.