Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 3 Sep 2011 03:56:25 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: False positives on zip (aes256)

Jim -

On Fri, Sep 02, 2011 at 08:38:30AM -0500, jfoug wrote:
> I have added this as a 'wish list' item.  So if we do have formats which end
> up outputting false ++ (and we cannot 'fix' them), then an option like this
> will do just what you are seeing be performed with your hard coded change.

Alternatively, we could add a flag like FMT_MULTIGUESS, which we'd set
for the current implementation of the WinZip/AES format, and which the
rest of JtR code would interpret as a request to allow this format to
produce multiple guesses.  It would affect (non-)removal of cracked
hashes/ciphertexts both during cracking and on load.

Besides false positives, another use may be for very weak
hashes/ciphers/non-crypto where actual collisions are likely - e.g., if
we ever introduce a way to crack CRC-32, BIOS passwords, etc. and want
to let the user choose a good-looking one out of many valid passwords.

This is becoming a topic for john-dev, though.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.