Date: Thu, 26 Jul 2012 02:51:31 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: john-dev@...ts.openwall.com
Subject: Re: mscash2 / hmac-md5 ambiguity

On 2012-07-24 03:05, Frank Dittrich wrote:
> On 07/24/2012 12:41 AM, jfoug wrote:
>> I think we are now pushing over 120 formats, written by different people.
>> Numerous of these formats handle data in multiple ways, and/or
>> handle/convert raw hash strings as valid data. That is where ambiguity
>> creeps in. There is absolutely no way around the ambiguity. It simply is
>> not going to happen, unless we force a unique string for each format, and
>> that will force users to have to modify the 'native' hash strings they have
>> in hand, just to fit into JtR.
>
> I think Alexander was talking about such collisions that remain even if
> we convert all password hash files into a form that uses the canonical
> representation (for those formats where such a canonical representation
> exists). This could be a scripted one-time activity (provided it is easy
> to identify the hash format that is used in a certain file.

Yeah, I'll try to write a script to do it accurately. Though simple
--pot=/dev/null --show=left is probably enough for the contest.

> If Korelogic will mix several ambiguous hashes of different formats into
> one file, then this approach wouldn't work.
> (Because after cracking the first few passwords, you might assume that
> all the other similar hashes in that same file also have the same format.)

That would be a trap:-)

--
Alexander Cherepanov