Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 9 Sep 2015 12:19:43 -0500
From: JimF <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags


On 9/8/2015 10:42 AM, Kai Zhao wrote:
> Since JimF has add the flag for MediaWiki, PHPS and PHPS2, I think I 
> should add these formats to whitelist. Maybe also includes 
> dynamic=md5($p). Should I ? 
> https://github.com/magnumripper/JohnTheRipper/commit/cc5ae475bad53ca46b9c74a82848bc86c6b9c314

Ok, this certainly did show errors.  I had made changes to these 
formats, adding a 'smarter' split, so that it would allow a 'real' hash 
to store in the pot file, even though using a thin dynamic.

So, media wiki will now write  $B$salt$hash... into the .pot file, where 
before it was writing $dynamic_9$hash$salt-

That split was built do output in 2 possible ways, and then a prepare 
that would fix up to a single unified format.  However, this split 
function was NOT casing properly.  I have fixed this. I also added a 
proper dynamic hash to the array, and this turned up an issue which I 
have also fixed, in the case detect logic.  The older logic only tested 
the first element, and then made a yes or no based upon that. I have 
changed so that I test every element.  I will end up with a yes, a no, 
or a 'sometimes' end result, and will print errors listing all cases.

I will get these changes in shortly, and then move on the remaining 
failures.

Here is what was listed.  NOTE, a new format shows up as 'sometimes', 
and there likely are others, but they do not auto show up, because we do 
not have test strings in all layouts that the format's split() can 
handle.  I know I will have to make sure all of the thin formats have 
both types, since the splits were re-done like they were in media wiki. 
But there may be other hashes that handle both a canonical and a raw 
hash (or some other format), which only 'some' of the split() execution 
path's would properly case, but that have not enough test cases.

Jim.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.