Date: Sun, 15 Feb 2009 06:43:46 +0300
From: Solar Designer <>
Subject: Re: Broken long/double DES hash split

On Sat, Feb 14, 2009 at 09:06:06PM -0600, Joshua J. Drake wrote:
> I'm not sure if this is really broken or not, but it wasn't working
> for the password file I have that uses these types of hashes.

There are two types of hashes that look the same (24-character strings) -
one is bigcrypt, the other is crypt16.  JtR only supports the former.
Maybe you have the latter.  These two are described here:

> Basically, the way I understand the format is:
> ^  ^           ^
> |  |           + second 8 chars result
> |  + first 8 chars result
> + salt for both parts

No, not exactly.

bigcrypt uses the first two chars of the first "sub-hash" string as the
salt for the second sub-hash.  crypt16 works like you described above,
but iteration counts for the two sub-hashes differ.

> I corrected the DES_fmt.c split() function as seen in the attached
> patch.

Does it work against your hashes with that "correction"?  I would not
expect it to.  If it does, then you've discovered a third type of
double-length hashes - neither bigcrypt, nor crypt16.

> Do you have files that work with the current method?

Yes.  Some others in here also mentioned having used it successfully.

> -		memcpy(out, &ciphertext[2], 2);
> +		memcpy(out, ciphertext, 2);
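
Review bot: switching the source of this memcpy from &ciphertext[2] to ciphertext makes the second piece reuse the original two salt characters, which is the crypt16 layout described in the reply rather than bigcrypt, where the second sub-hash is salted with the first two characters of the first sub-hash. As posted, the change would stop bigcrypt hashes from matching, and crypt16 hashes still would not work because their two sub-hashes use different iteration counts. If crypt16 support is the goal, it should be handled separately rather than by changing this line.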

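The salt layout described in this reply, as an added example (not code from John the Ripper or from either poster): it splits a 24-character string into two 13-character pieces, taking the second piece's salt from offset 2 for bigcrypt or from offset 0 for crypt16. The function and enum names and the sample string are constructed for illustration, and the differing crypt16 iteration counts are not modelled.

```c
#include <stdio.h>
#include <string.h>

/* crypt(3) base-64 alphabet used by DES-based hashes */
static const char itoa64[] =
	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

enum dbl_kind { DBL_BIGCRYPT, DBL_CRYPT16 };	/* hypothetical names */

/*
 * Split a 24-character double-length DES hash (2 salt chars + two
 * 11-char sub-hashes) into one 13-character piece: index 0 is the
 * first half, index 1 the second.  Returns a pointer to a static
 * buffer (overwritten by the next call), or NULL on malformed input.
 */
const char *split_double_des(const char *ct, enum dbl_kind kind, int index)
{
	static char out[14];

	if (!ct || strlen(ct) != 24 || strspn(ct, itoa64) != 24 ||
	    (index != 0 && index != 1))
		return NULL;
	if (index == 0) {
		memcpy(out, ct, 13);		/* salt + first sub-hash */
	} else {
		/* bigcrypt: salt is the first two chars of the first sub-hash.
		 * crypt16: salt is the original two salt chars (its halves also
		 * use different iteration counts, which this does not cover). */
		memcpy(out, kind == DBL_BIGCRYPT ? &ct[2] : ct, 2);
		memcpy(&out[2], &ct[13], 11);	/* second sub-hash */
	}
	out[13] = '\0';
	return out;
}

int main(void)
{
	/* Constructed sample string, not a real hash: salt "ab" */
	const char *sample = "abCDEFGHIJKLMNOPQRSTUVWX";

	for (int k = DBL_BIGCRYPT; k <= DBL_CRYPT16; k++)
		for (int i = 0; i < 2; i++)
			printf("%s piece %d: %s\n",
			       k == DBL_BIGCRYPT ? "bigcrypt" : "crypt16", i,
			       split_double_des(sample, (enum dbl_kind)k, i));
	return 0;
}
```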

