Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 Jul 2012 13:47:21 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: john-dev@...ts.openwall.com
Subject: Fwd: [john-contest] mscash2 / hmac-md5 ambiguity

It's more appropriate for john-dev, but beware: I only checked it with 
contest version of john.

-------- Original Message --------
Subject: [john-contest] mscash2 / hmac-md5 ambiguity
Date: Mon, 23 Jul 2012 13:19:05 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
Reply-To: john-contest@...ts.openwall.com
To: john-contest@...ts.openwall.com

Hi!

mscash2 hashes in their canonical form are nevertheless accepted as
hmac-md5:

$ cat mscash2.john
chatelain:$DCC2$10240#chatelain#e4e15fdfafc8e715da9edec3611bfbff
$ john mscash2.john
Warning: detected hash type "mscash2", but the string is also recognized
as "hmac-md5"
Use the "--format=hmac-md5" option to force loading these as that type
instead
Loaded 1 password hash (M$ Cache Hash 2 (DCC2) PBKDF2-HMAC-SHA-1
[128/128 SSE2 intrinsics 8x])
guesses: 0  time: 0:00:00:02 0.00% (2)  c/s: 339  trying: 123456 - abc123
Session aborted
$ john --format=hmac-md5 mscash2.john
Loaded 1 password hash (HMAC MD5 [128/128 SSE2 intrinsics 12x])
guesses: 0  time: 0:00:00:02 0.00% (3)  c/s: 1120K  trying: 123man - 123mah
Session aborted

IMHO that's not very good.

-- 
Alexander Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.