Date: Sat, 30 Jun 2012 09:03:41 +0200 From: Frank Dittrich <frank_dittrich@...mail.com> To: john-dev@...ts.openwall.com Subject: Re: For some dynamic formats on linux-x86-mmx build cracking depends on password candidate sequence On 06/29/2012 11:52 PM, jfoug wrote: > But this does appear to be something along the lines of improper key cleaning. Please note that with --mkpc=127 the bug disappears as well. > I just wonder why you were not seeing any failures when the pw file was not in reversed order? I think I know. Among other such lines, line 5118 contains a password of 110 consecutive [0-9] characters. 5118 = 40 * 128 - 2 If I change that word to a much shorter one (I used 0123456789fdtest), the clang build (which failed to crack 18 passwords before), cracks these 6 additional passwords, increasing the total count from 1482 to 1488: Sword��sh__3 (u778-dynamic_2) asdfasfga__7 (u658-dynamic_2) characters__5 (u532-dynamic_2) PIII__4 (u406-dynamic_2) out�eft (u169-dynamic_2) swordfish (u47-dynamic_2) $ LC_ALL=C grep -n "^Sword...*sh__3$" pw.dic|grep -v fi 4994:Sword��sh__3 4994 = 39 * 128 + 2 Interesting that this word is *before* the one that I changed! May be we have a bug in a totally different location? $ grep -n "^asdfasfga__7$" pw.dic 5122:asdfasfga__7 5122 = 40 * 128 + 2 $ grep -n "^characters__5$" pw.dic 5250:characters__5 5250 = 41 * 128 + 2 $ grep -n "^PIII__4$" pw.dic 5378:PIII__4 5378 = 42 * 128 + 2 So there is a pattern. May be we need to carefully construct the pw.dic, so that very long passwords appear close to the boundaries of (MAX_KEYS_PER_CRYPT) blocks of passwords. And it is a good thing for testing that dupes suppression is not switched on. Running with --dupes-suppression, I would not have hit this bug. Frank
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.