Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 27 Jan 2013 15:18:19 +0100
From: magnum <>
Subject: Re: Min password length

On 24 Jan, 2013, at 0:42 , magnum <> wrote:
> On 23 Jan, 2013, at 23:56 , magnum <> wrote:
>> On 23 Jan, 2013, at 23:44 , Frank Dittrich <> wrote:
>>> The other (and probably less confusing) short-term fix for unstable
>>> might be to hard code a min-length=8 in if the format is wpapsk.
>>> This min-length adjustment should be accompanied by an strerr output.
>> Yes, this is trivial. I'll try it out.
> Patch committed. For a --test run, no action is taken. For a real crack, min-length is bumped and a notice is printed to stderr. This for any format that starts with "wpapsk".
> Time for default wordlist + rules went from 2:05 to just 49 seconds.

I now noticed wowsrp also has a min length of 8 (according to a comment in the source). I will add a similar hack for it.

BTW this format also should not have FMT_CASE and it should use enc_strupper() in set_key in order to correctly uppercase non-ascii. I just fixed that.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.