Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 25 Feb 2011 18:33:28 -0600
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: md5_gen(0) broken for ages?

This change should fix the problem seen.  NOTE the change I posted to 
the rawMD5go_fnt.c should also be done.

This change is to md5_gen_fmt.c in the get_salt function:

static void *get_salt(char *ciphertext)
{
	static char Salt[SALT_SIZE+1];
	memset(Salt, 0, SALT_SIZE+1);
+	if (saltlen==0)
+		return Salt;
	strncpy(Salt, &ciphertext[md5_gen_SALT_OFFSET], SALT_SIZE);
	Salt[SALT_SIZE] = 0;
	if (md5_gen_salt_as_hex)

The above should flip john into saltless mode for all saltless
Md5-gen formats.

Up to this point, I had not run any file with any data past the
hast, thus I have not seen this buggy behavior.

Jim.

-----Original Message-----
From: magnum [mailto:rawsmooth@...dband.net] 
Sent: Friday, February 25, 2011 5:54 PM
To: john-users@...ts.openwall.com
Subject: Re: [john-users] md5_gen(0) broken for ages?

On 02/25/2011 04:50 PM, jfoug wrote:
> I think this will fix it.
>    clip

Tried it. It doesn't seem to fix my problem:

$ ./john-jumbo12E1-intr-fix test.rawmd5 -fo:raw-md5 -si
Using raw-md5 mode, by linking to md5_gen(0) functions
Loaded 33837 password hashes with 489 different salts (Raw MD5 [gen])

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.