Date: Sun, 19 Aug 2012 00:30:54 +0800 From: myrice <qqlddg@...il.com> To: john-dev@...ts.openwall.com Subject: Re: [john-users] Salted MD5 (was: Salted MD5 cracking problems) On Sun, Aug 19, 2012 at 12:26 AM, myrice <qqlddg@...il.com> wrote: > Solar, > > (Sorry for not see your irc message) > > On Mon, Aug 13, 2012 at 11:45 PM, Vladimir Vorontsov > <vladimir.vorontsov@...ec.ru> wrote: > >>> How many of these do you need to try cracking? Is the salt length >>> fixed (at 8?) or variable? In fact, is the salt value fixed or do >>> you have multiple per-hash salts? What cracking mode(s) would you >>> prefer to use? >> >> Salt length is fixed and can be 2 bytes (osCommerce) or 8 bytes >> (Bitrix and some another). I'm never seen anothers lengths. But it is >> possible in self-coded web-applications, not CMS. >> Salt value is not fixed always. We have unique salt per hash. >> > > Do we implement 2bytes salt and 8bytes as separate format? > > What will the format ciphertext like? If we have two salt length in > one, I think we could: > > "$SaltMD5o$123456$c02e8eef3eaa1a813c2ff87c1780f9ed","test1" > and > "$SaltMD5b$123456$c02e8eef3eaa1a813c2ff87c1780f9ed","test1" > > Thanks > myrice Oh, the salt length is wrong. It should be: "$SaltMD5o$1234$4a2a1b013da3cda7f7e0625cf3dc3f4c","thatsworking" for 2 bytes salt and "$SaltMD5b$1234567890123456$======hash=======", "plaintext" for 8bytes salt Thanks myrice
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.