Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 27 Jul 2015 21:57:34 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags (was: more robustness)

Hi magnum,

On Mon, Jul 27, 2015 at 9:52 AM, Kai Zhao <loverszhao@...il.com> wrote:
>
> Hi Alexander,
>
> On Sun, Jul 26, 2015 at 2:57 AM, Solar Designer <solar@...nwall.com>
wrote:
> >
> > Kai,
> >
> > On Sun, Jul 12, 2015 at 05:18:03PM +0300, Solar Designer wrote:
> > > Unrelated, here's a task for you for next week: identify improperly
set
> > > or missing FMT_* flags.  For example, a format supporting 8-bit chars
in
> > > passwords (unlike descrypt, which drops the 8th bit, by its
definition),
> > > but forgetting to set FMT_8_BIT.
> > >
>
> For dominosec8 which does not set FMT_8_BIT.
>
> static struct fmt_tests tests[] = {
>         {"(HsjFebq0Kh9kH7aAZYc7kY30mC30mC3KmC30mCluagXrvWKj1)",
"hashcat"},
>         {NULL}
> };
>
> 't' is '\x74', so when I change "hashcat" -> "hashca\x74" and recompile.
>
> $ ./john --test=0 --format=dominosec8
> Will run 8 OpenMP threads
> Testing: dominosec8, Lotus Notes/Domino 8 [8/64]... (8xOMP)
> PASS
>
> Since it does not set FMT_8_BIT, so it ignores the 8th bit.
>
> 't' is '\x74', and '\x74' | '\x80' is '\xF4', so I change "hashcat" ->
> "hashca\xF4". But the test result is failed. Is this a bug ?
>
> $ ./john --test=0 --format=dominosec8
> Will run 8 OpenMP threads
> Testing: dominosec8, Lotus Notes/Domino 8 [8/64]... (8xOMP)
> FAILED (cmp_all(1))
>
> I did the same thing to those formats which do not set FMT_8_BIT
> and they are ok. Such as, descrypt, bsdicrypt, tripcode
>

Could you help me with the FMT_8_BIT ? Do I understand right ?
Thanks very much.


Thanks,

Kai

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.