Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 09 Jul 2012 23:02:41 +0200
From: magnum <>
Subject: Re: request for new dynamic subformats

Committed to magnum-jumbo and downstream. Actually I guess we could put
it in -fixes too, no?


On 2012-07-09 20:37, jfoug wrote:
> This patch should get the first 2 formats in.  I have not done the new files
> for the TS yet.  This patch should probably put in all branches.
> Here are lines I am using, to build test strings, for anyone
> wanting to learn more about that tool.
> ./  'dynamic=num=35,format=sha1($u.$c1.$p),usrname=uc,const1=:'
> and
> ./  'dynamic=num=36,format=sha1($u.$c1.$p),usrname=true,const1=:'
> ManGOS will be dynamic_35 and ManGOS2 will be dynamic_36.  The only
> questions I have are the 'strtoupper' in dyna_35.  Are we going to have
> encoding issues here?  I am hopeful that dynamic has taken this into
> account, but I will have to audit it, to make 'sure' (the same will be for
> the strlower in the 3rd type).
> Now, I have questions for type #3 and #4.  In these, they are a full SHA,
> but only a truncation gets stored to the file?  Is that truncation the first
> part of the SHA string, or the last?
> Jim.
>> From: Dhiru Kholia
>> 1. SHA-1(ManGOS) = sha1(strtoupper($username).':'.$pass)
>> Works for all private server projects that use the same hashing
>> method: trinity, ascent and others.
>> 2. SHA-1(ManGOS2) = sha1($username.':'.$pass) # already supported?
>> 3. sha1(strtolower($username).$pass)
>> Example: Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a
>> Used in SMF.
>> Length: 20 bytes.
>> 4. sha1($salt.sha1($salt.sha1($pass))) # thick format already exits
>> Used in Woltlab BB.
>> Length: 20 bytes.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.