Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Mar 2007 23:47:09 +0100
From: "Alain Espinosa" <>
Subject: Re: LM an NTLM combination

I can reproduce the bug with the -4 version. Very intersting bug.

In version 5 i agregate this test in function cmp_one:

344     if(b!=t[1])
345        return 0;

This was because i try blocks of passwords and need a more especific test
(cmp_all could return 1 because only 1 password).

Puting this test in the 4 version fixed the bug. Why this occur? I really
dont know.

I think (-4 version) that before enter to cmp_one john need to enter to
cmp_all and checks the same condition that would make this checks (344,345)

But forget about cmp_all. Insert the lines in -4 patch. Eliminate this lines
(344,345) now could make that at least more or equal hashes pass the test of
cmp_one and the bug (if existed) need to be accept password that dont have
the current hash. But what happens its the opposite. And i dont understand
why in 2 pass john find passwords. Maybe Solar, who know the intrinsics of
john, can explain. I dont undestand.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.