Date: Mon, 12 Mar 2007 23:47:09 +0100 From: "Alain Espinosa" <alainesp@...il.com> To: john-users@...ts.openwall.com Subject: Re: LM an NTLM combination I can reproduce the bug with the -4 version. Very intersting bug. In version 5 i agregate this test in function cmp_one: 344 if(b!=t) 345 return 0; This was because i try blocks of passwords and need a more especific test (cmp_all could return 1 because only 1 password). Puting this test in the 4 version fixed the bug. Why this occur? I really dont know. I think (-4 version) that before enter to cmp_one john need to enter to cmp_all and checks the same condition that would make this checks (344,345) innecesary. But forget about cmp_all. Insert the lines in -4 patch. Eliminate this lines (344,345) now could make that at least more or equal hashes pass the test of cmp_one and the bug (if existed) need to be accept password that dont have the current hash. But what happens its the opposite. And i dont understand why in 2 pass john find passwords. Maybe Solar, who know the intrinsics of john, can explain. I dont undestand. alain
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.