Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 11 Sep 2012 00:30:04 +0200
From: magnum <>
Subject: Re: oldoffice

On 2012-09-11 00:19, magnum wrote:
> On 2012-09-11 00:11, Rich Rumble wrote:
>> I wonder if these need to be truncated at 15... myhovercraftisf
>> I know I was able to input over 15 chars to save them, but I know
>> opening the old formats they do not allow more than 15 chars input
>> (good QA M$). They do open using 15 chars when I tested using the
>> office suites, not sure about the JtR side...
> Bingo! We crack 30/30. Well done, Dhiru, and thanks, Rich!

This means we should truncate candidates for those particular formats -
if it's even possible to know which need it. We don't usually truncate
differently for different hashes within the same format, this would not
work well with rules and stuff. Maybe we should just document it, and
perhaps add a truncation rule just for this situation:

    # Some Office <=2003 files have passwords truncated at 15 chars


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.