Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 2 Jan 2014 7:55:42 -0500
From:  <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Re: dynamic_2000 - dynamic_2014


---- Frank Dittrich <frank_dittrich@...mail.com> wrote: 
> Apparently, formats dynamic_2000 - dynamic_2014, defined in
> run/dynamic_flat_sse_formats.conf re-implement dynamic_0 - dynamic_14.
> 
> These formats are slower, but allow longer passwords.
> 
> Unfortunately, these formats use different canonical hash
> representations than the dynamic_0 - dynamic_14 formats.
> Probably this means, dynamic_2000 will not recognize cracked dynamic_0
> hashes in the pot file, and vice versa.
> 
> Is there an easy way to avoid this, 

This is a very good point frank.  I think we can do this by adding an 'array' of signatures to the dyna format.  Right now, there is a single number, that gets used to check for validity strings.  But if it were an array, then dyna_2002 would look for dyna_2 or dyna_2002 and accept both of them.

There are some caveats here (there always are).  Off the top of my head, you will end up with having something be in dyna_2 format, get cracked by dyna_2002, and then get written out as dyna_2002.  So there are some nuances that may have to be addressed, other than simply passing the valid check.  This is not a trivial request, but it is not rocket science either.  

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.