Date: Mon, 17 Sep 2012 03:41:10 +0400 From: Alexander Cherepanov <cherepan@...me.ru> To: john-dev@...ts.openwall.com Subject: Re: Cracking Mountain Lion hashes (WIP) On 2012-09-10 20:48, Dhiru Kholia wrote: >> which your code doesn't seem to accommodate for. Don't know how >> popular it is and whether it's worth supporting. > > It is not my code ;). Lukas wrote it. Yes, my mail should have been addressed to Lukas, sorry for confusion. > I can see if this can be fixed easily. It would be great to at least fix a buffer overflow on overly long salts. > Lukas, > > Any comments? I think we already calculate variables salt's length > correctly. We just need to apply the same code to actual hash string. > Correct? To start really work with long hashes one needs to decide how to store it -- to move limit on salt length to another arbitrary value, to use dynamic memory for it or something. I'm not sure which way is better. >> 3. Just found that passlib supports plain pbkdf2_sha512 (in >> addition to grub_pbkdf2_sha512). It looks like this: >> '$pbkdf2-sha512$6400$Y2wNgZByDgGgFEIIYay1Ng$y2Epfl7fAwx7v.Zw9hNnEKCfGmWvFZoF.dQMfjhjnM.sSmDI7yXRe8JcqrdPdf5nbFEgMBWSY2cPW1stdtD3oA' > > Is this output format used by some real application? If yes, then we > will have to add support for it at some point. Thanks again. I don't know, probably not. -- Alexander Cherepanov
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.