Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 2 Sep 2015 09:11:42 -0400
From: Rich Rumble <>
Subject: Re: plaintext truncation

On Tue, Sep 1, 2015 at 1:41 PM, magnum <> wrote:

> On 2015-09-01 18:31, Rich Rumble wrote:
>> On Tue, Sep 1, 2015 at 12:23 PM, magnum <> wrote:
>> This is now implemented (3701702). The following formats got FMT_TRUNC as
>>> of now: DEScrypt, bcrypt, LM, tripcode, nethalflm, netlm, PST, RACF, sapb
>>> and VNC.
>>> Some more may need it but these should be the most important ones.
>>> Old-office has a 15 char limit IIRC.
> That rings a bell... but IIRC this only applies to some specific
> version(s), not all the ones supported by our oldoffice format. Perhaps it
> applies to '$oldoffice$0'?
I'm not sure how many office formats there are, but prior to 2007, 15 was
the limit imposed by M$.

> That does not apply to Outlook however, it uses CRC-32 codes and I
>> don't think length matters there.
> Apparently it truncates at 8, so it's got FMT_TRUNC already. I think it
> can find a working (although not neccessarily the original) password in 30
> seconds on average, using just one core of my laptop :-)

I know crc32 is quick :) but johns is not as quick as others, still I can't
complain about 30 seconds, though others find "instant" collisions.

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.