Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Feb 2013 23:06:54 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: SSHA-512 supported?

On 11 Feb, 2013, at 16:56 , Solar Designer <solar@...nwall.com> wrote:
> On Mon, Feb 11, 2013 at 10:26:01AM -0500, Jon Schipp wrote:
>> $ time perl -e '$p = "{ssha512}04\$................\$"; print
>> crypt("", $p), "\n"; for ($n = 0; $n < 100000; $n++) { $c = crypt($n,
>> $p); print "$n $c\n" if ($c =~ /\.\.\.[^\$]*$/); }'
>> 6TE2Fa9WkC.UM
> [...]
> 
> OK, we're totally out of luck with this approach.  Thanks anyway!

This seems to be a limitation of [that] perl and not of crypt(3):
http://pic.dhe.ibm.com/infocenter/aix/v7r1/topic/com.ibm.aix.basetechref/doc/basetrf1/crypt.htm

Excerpt:
> If the left brace ( { ) is the first character of the value that the Salt parameter specifies, then the Loadable Password Algorithm (LPA) uses the name that is specified within the braces ( {} ). A set of salt characters follows the LPA name and ends with a dollar sign ($). The length of the salt character depends on the specified LPA. The following example shows a possible value for the SMD5 LPA that the Salt parameter specifies:
> {SMD5}JVDbGx8K$


So the same tests written in C should work. Jon, can you compile a trivial C program on that box? I mean, is there a compiler available?

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.