Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Feb 2013 23:06:54 +0100
From: magnum <>
Subject: Re: SSHA-512 supported?

On 11 Feb, 2013, at 16:56 , Solar Designer <> wrote:
> On Mon, Feb 11, 2013 at 10:26:01AM -0500, Jon Schipp wrote:
>> $ time perl -e '$p = "{ssha512}04\$................\$"; print
>> crypt("", $p), "\n"; for ($n = 0; $n < 100000; $n++) { $c = crypt($n,
>> $p); print "$n $c\n" if ($c =~ /\.\.\.[^\$]*$/); }'
>> 6TE2Fa9WkC.UM
> [...]
> OK, we're totally out of luck with this approach.  Thanks anyway!

This seems to be a limitation of [that] perl and not of crypt(3):

> If the left brace ( { ) is the first character of the value that the Salt parameter specifies, then the Loadable Password Algorithm (LPA) uses the name that is specified within the braces ( {} ). A set of salt characters follows the LPA name and ends with a dollar sign ($). The length of the salt character depends on the specified LPA. The following example shows a possible value for the SMD5 LPA that the Salt parameter specifies:
> {SMD5}JVDbGx8K$

So the same tests written in C should work. Jon, can you compile a trivial C program on that box? I mean, is there a compiler available?


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.