Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 28 Jun 2012 17:20:20 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: raw-sha2 CUDA fails IRL (it seems)

NOTE, the ts's pw.dic file will SMASH formats that do not protect themselves from buffer overruns. 

Ppl have been warned many times recently.  This is RW type stuff.  Expecting a 15 byte max length (or or 20 or 25 or whatever) for input passwords is not realistic.  The format has to be written to protect itself.  It is 100% fine if the format cannot find passwords longer than some set max.  But the format MUST be able to deal with a file containing longer lines.  

I am not sure this is the problem, but it really sounds like it could be.  The TS was written to try to smoke out these problems.

Jim.

>-----Original Message-----
>From: Frank Dittrich [mailto:frank_dittrich@...mail.com]
>Sent: Thursday, June 28, 2012 4:12 PM
>To: john-dev@...ts.openwall.com
>Subject: Re: [john-dev] raw-sha2 CUDA fails IRL (it seems)
>
>On 06/28/2012 11:08 PM, Frank Dittrich wrote:
>
>> Do the hard coded test cases get cracked if put into a file?
>
>And what if you combine the hard coded test case hashes and the TS
>hashes into one input file, and the TS pw.dic and the hard coded
>passwords into a password file?
>
>Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.