Date: Fri, 17 Dec 2010 11:05:12 +0100
From: bartavelle <>
Subject: Re: several problems with JtR + jumbo 9 and/or omp-des-7

On 12/17/2010 06:52 AM, Solar Designer wrote:
> I can't reproduce this.  It works fine for me, cracking all 3107 hashes
> in my test file.  That's with a pure wordlist, no rules, though.  Maybe
> there's a bug in the wordlist buffering introduced in the jumbo patches?
> A bug that is easily seen only in conjunction with rules and with a tiny
> wordlist?  This code looked unreliable to me...

It seems to me the cmp_all logic is wrong. Output seems to be set up like
this, according to x86-64.S:

	movdqa a,  (128*base)+output8x(%rip);			\
	movdqa a3,  (128*base)+16+output8x(%rip);		\
	movdqa b, (128*base)+32+output8x(%rip);			\
	movdqa b3, (128*base)+32+16+output8x(%rip);		\
	movdqa c, (128*base)+64+output8x(%rip);			\
	movdqa c3, (128*base)+64+16+output8x(%rip);		\
	movdqa d, (128*base)+96+output8x(%rip);			\
	movdqa d3, (128*base)+96+16+output8x(%rip);


The comparison code was:

		if(b==output8x[i] || b==output8x[i+1] || b==output8x[i+2] ||
		   b==output8x[i+3] || b==output8x[i+4] || b==output8x[i+5] ||
		   b==output8x[i+6] || b==output8x[i+7])
			return 1;

It looks like it compares the A's, B's, C's and D's of the first row,
while it should compare the B's of all four rows. I don't know how that
could work for you.

This seems to work for me:

		if(b==output8x[i*32+8] || b==output8x[i*32+9] || b==output8x[i*32+10] ||
		   b==output8x[i*32+11] || b==output8x[i*32+12] || b==output8x[i*32+13] ||
		   b==output8x[i*32+14] || b==output8x[i*32+15])

I probably just produced the wrong fix, as you say it works well for
you, while it should not work at all based on my understanding of the
current code.
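
The index mismatch discussed in this message, as an added example that is not part of the original e-mail or of the John the Ripper source: a C model of the layout written by the quoted stores, comparing the two index expressions. It assumes output8x holds 32-bit words and i counts 128-byte blocks; store_block, cmp_original, cmp_proposed and build_sample are hypothetical names, and the sample words are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define LANES 8   /* two 16-byte registers of four 32-bit words each */
#define STRIDE 32 /* 128 bytes per base, counted in 32-bit words (assumption) */

/* Model of the quoted stores: a at +0, b at +32, c at +64, d at +96 bytes. */
static void store_block(uint32_t *out, int base, uint32_t st[4][LANES])
{
    for (int r = 0; r < 4; r++)
        for (int k = 0; k < LANES; k++)
            out[base * STRIDE + r * LANES + k] = st[r][k];
}

/* Indexing of the original comparison: output8x[i] .. output8x[i+7]. */
static int cmp_original(const uint32_t *out, int i, uint32_t b)
{
    for (int k = 0; k < LANES; k++)
        if (out[i + k] == b) return 1;
    return 0;
}

/* Indexing proposed in the message: output8x[i*32+8] .. output8x[i*32+15]. */
static int cmp_proposed(const uint32_t *out, int i, uint32_t b)
{
    for (int k = 0; k < LANES; k++)
        if (out[i * 32 + 8 + k] == b) return 1;
    return 0;
}

/* Constructed data: word = register tag (0xA..0xD), base and lane number. */
static void build_sample(uint32_t *out, int bases)
{
    uint32_t st[4][LANES];
    for (int base = 0; base < bases; base++) {
        for (int r = 0; r < 4; r++)
            for (int k = 0; k < LANES; k++)
                st[r][k] = ((0xAu + r) << 28) | ((uint32_t)base << 8) | (uint32_t)k;
        store_block(out, base, st);
    }
}

int main(void)
{
    uint32_t out[2 * STRIDE];
    build_sample(out, 2);
    uint32_t b = 0xB0000105u; /* b word of base 1, lane 5 */
    printf("original=%d proposed=%d\n", cmp_original(out, 1, b), cmp_proposed(out, 1, b));
    return 0;
}
```

Under these assumptions the original indexing for i=1 scans words 1..8 of block 0 (seven a words and one b word), while the proposed indexing scans the eight b words of block 1.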

