Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 26 Jul 2012 02:51:31 +0400
From: Alexander Cherepanov <>
Subject: Re: mscash2 / hmac-md5 ambiguity

On 2012-07-24 03:05, Frank Dittrich wrote:
> On 07/24/2012 12:41 AM, jfoug wrote:
>> I think we are now pushing over 120 formats, written by different people.
>> Numerous of these formats handle data in multiple ways, and/or
>> handle/convert raw hash strings as valid data.  That is where ambiguity
>> creeps in. There is absolutely no way around the ambiguity.  It simply is
>> not going to happen, unless we force a unique string for each format, and
>> that will force users to have to modify the 'native' hash strings they have
>> in hand, just to fit into JtR.
> I think Alexander was talking about such collisions that remain even if
> we convert all password hash files into a form that uses the canonical
> representation (for those formats where such a canonical representation
> exists). This could be a scripted one-time activity (provided it is easy
> to identify the hash format that is used in a certain file.

Yeah, I'll try to write a script to do it accurately. Though simple 
--pot=/dev/null --show=left is probably enough for the contest.

> If Korelogic will mix several ambiguous hashes of different formats into
> one file, then this approach wouldn't work.
> (Because after cracking the first few passwords, you might assume that
> all the other similar hashes in that same file also have the same format.)

That would be a trap:-)

Alexander Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.