Date: Mon, 28 Feb 2011 00:51:09 +0100 From: magnum <rawsmooth@...dband.net> To: john-users@...ts.openwall.com Subject: Re: md5_gen(0) broken for ages? On 02/26/2011 06:22 PM, jfoug wrote: > There are several caveats (and I have not yet dug into any unintended > consequences). > > 1. This will ONLY be used, if you fully specify the md5-gen format and a > subformat. No problem here > 2. This will likely only work for non-salted hashes, due to how md5_gen > requires the salt to be placed. Well if you know a salt, you would of course prepare the file (but only once!) so the salt part is correct for md5-gen: user:b065775a4631811715c2b83163b921a0$salt::: So it's "half-prepared" for md5_gen but it doesn't say which subformat we want. Then you just try subformats using the command-line option - of course picking those with one salt, as well as formats like md5($u.md5($p).$s). Hopefully this will be OK with the implementation you have in mind. > However, even with the above caveats (and likely more), I do think this is a > valid change, and I was surprised that it really was not that hard. Note, I > do not have it fully working yet, but do have the 'valid' function working. > I will have to make a few additional changes, but I do believe this is a > doable function. I'm glad to hear that! Thanks, magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.