Date: Sun, 5 Sep 2021 08:45:24 -0800 From: Royce Williams <royce@...hsolvency.com> To: john-dev <john-dev@...ts.openwall.com> Subject: Re: precomputed attacks for john: rainbow tables and other ways On Sun, Sep 5, 2021 at 8:38 AM Aleksey Cherepanov < aleksey.4erepanov@...il.com> wrote: > descrypt is an interesting target because its keyspace is on border of > what could be computed in a year. It is salted, but there are only 4096 > different salts. So either separate tables could be prepared, or just > one table for a random salt would be ok to be able to crack a few hashes > to uncover missing patterns. > > For a few descrypt hashes I might want to prepare a RT like full 7-bit > byte x 5 positions, so I would be able to run it and say: ok, remaining > passwords are longer than 5 chars and I don't miss utf-8 in short > passwords. > descrypt is indeed an interesting "middle ground" case - perhaps one of the only mainstream cases in which exhausting the "salt space" might prove interesting. A while back, I did some crude caching of all descrypt salts for targeted terms here: https://github.com/roycewilliams/kens-salty-rainbow And yes, I'm deliberately making ironic use of the word "rainbow" here. :D Royce Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.