Date: Mon, 6 Aug 2012 08:52:39 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Aleksey's status report #14

On 08/06/2012 04:35 AM, Solar Designer wrote:
> On Sun, Aug 05, 2012 at 11:22:41PM +0400, Aleksey Cherepanov wrote:
>> Problems
>>
>> Working with code I found some old problems and understood some more.
>> They are quite important.
>>
>> - I could not connect cracked password with original hash
>>
>> I call `john -show` and read user and password then put password to
>> all rows where user is the same. It is wrong and only works when we do
>> not have two rows with the same user name.
>>
>> I could not look into .pot because hashes there could be in other
>> form. Though for core john they could be the same, aren't they?
> 
> Not necessarily.  There's LM with its split into halves and case
> unification.  There's bigcrypt with its split into halves as well.

How about a warning that the current version has such problems, only if
the user loads a password file where multiple users have the same name?
I don't expect this to be very common.
For all core hash types except LM it should also work if you rewrite the
user specified file, putting the hash into the first column instead of
the user name, and call john --show on this file. (Don't change the
original file, and use the user specified file for real cracking!)
I don't think this is important right now.
You would have to combine password hashes from different sources to end
up with a file where a user name appears multiple times.

Frank
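
The two suggestions in the message above (warn on repeated user names; run --show on a copy keyed by hash), as an added example that is not part of the original message or of John the Ripper. It assumes passwd-style `user:hash[:...]` rows, hashes that contain no ':', a copy reduced to two fields, and `john --show` printing `login:password` lines followed by a summary line; all function names are hypothetical and the sample data is constructed.

```python
from collections import Counter

# Constructed sample input: passwd-style rows with placeholder hash strings.
PASSWD = """\
alice:$1$aaaa$HASHONE:1000:1000::/home/alice:/bin/sh
bob:$1$bbbb$HASHTWO:1001:1001::/home/bob:/bin/sh
alice:$1$cccc$HASHTHREE:1000:1000::/srv/alice:/bin/sh
"""

# Constructed sample of `john --show` output for the hash-first copy.
SHOW = """\
$1$aaaa$HASHONE:letmein
$1$cccc$HASHTHREE:pass:word

2 password hashes cracked, 1 left
"""

def parse_rows(text):
    """Return (user, hash) for every 'user:hash[:...]' row."""
    rows = []
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and fields[1]:
            rows.append((fields[0], fields[1]))
    return rows

def duplicate_users(rows):
    """User names on more than one row: the case that deserves a warning."""
    counts = Counter(user for user, _ in rows)
    return sorted(user for user, n in counts.items() if n > 1)

def hash_first_copy(rows):
    """Text of the copy to pass to --show: the hash replaces the user name."""
    unique = dict.fromkeys(h for _, h in rows)  # de-duplicate, keep order
    return "".join(f"{h}:{h}\n" for h in unique)

def attach_passwords(rows, show_output):
    """Map each original row to its password via the hash, not the user."""
    cracked = {}
    for line in show_output.splitlines():
        h, sep, password = line.partition(":")  # password may contain ':'
        if sep:  # skips the blank line and the summary line
            cracked[h] = password
    return [(user, h, cracked.get(h)) for user, h in rows]

if __name__ == "__main__":
    rows = parse_rows(PASSWD)
    print("repeated user names:", duplicate_users(rows))
    for row in attach_passwords(rows, SHOW):
        print(row)
```

The original file stays untouched and is still the one used for cracking; only the output of `hash_first_copy` is written to a temporary file for `--show`.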
