Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 25 Feb 2011 19:20:43 -0600
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: md5_gen(0) broken for ages?

The reason why the user:hhhhhhhhhhhhhhhh..  format which is 'raw-md5' does
not work in md5_gen(0), is that for md5_gen(0) to validate a line, it
HAS to be in the format user:md5_gen(0)hhhhhhhhhhh.....

Now, the raw-md5go.fnt.c (the 'thin' version), converts the hash part
Of the line from hhhhhhhh..... to md5_gen(0)hhhhhhhhhh...  Then it sends
It to md5-gen's validate() function.   Thus, the raw-md5go_fmt.c is 
'thin'.  It does not perform work, but links into the md5_gen function, and
Transforms the hashes so that the appear to be in proper md5-gen format.


It is no different than taking a line like

User:abcdef0123456789abcdef0123456789

And calling john with john -format=md5a inputfile.in

and expecting the above line in the input file to be 'used'.
It will not be used, because md5a has a specific format, and
That hash does not match it.  If a hash does not start with the
$1$ when md5a will never choose that line. Same for md5_gen(0)
If the hash does not start with md5_gen(0), then it will be
used and there is no way to 'force' john to use it.

I am hopeful the other bug fix I posted gets you up and running
properly in md5-gen format.  If so, I will get a new patch put to
the wiki..

Jim.

-----Original Message-----
From: magnum [mailto:rawsmooth@...dband.net] 
Sent: Friday, February 25, 2011 6:48 PM
To: john-users@...ts.openwall.com
Subject: Re: [john-users] md5_gen(0) broken for ages?

>> And here is a separate problem: I can not load raw-md5 using
>> command-line format and subformat
>
> you would not use md5-gen in this instance. You would use raw-md5

Fair enough, but I don't see why. I supply hashes to md5-gen and tell it 
what they are, why would that not work? Then again, it was only a 
problem when I tried to nail that other issue.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.