|
Message-ID: <1404759736.76015.57.camel@btw.pki2.com> Date: Mon, 07 Jul 2014 12:02:16 -0700 From: Dennis Glatting <jtr@...2.com> To: john-users@...ts.openwall.com Subject: RE: Possible bug in zip_fmt_plug.c, bleeding edge Kewlness. Will give it a run. On Mon, 2014-07-07 at 08:39 -0500, jfoug wrote: > There is a new updated zip-aes format. Currently, it is only implemented on > the CPU side. I had to make changes to the format string, so the legacy > $zip$ format has been retired. It likely (due to seeing the recent bugs), to > have never worked right. The new format had to add several things needed, > but now, the detection is deterministic. In other words, no more > FMT_NOT_EXACT logic in this format. However, you will need to re-run > zip2john against your encrypted .zip files again, to use with this new > format. The hash needs to read data from the .zip file to work properly. > There should be almost no noticeable slowdown from the prior code, UNLESS > you have a .zip file that has ONLY very large compressed data in it. The > exact deterministic method requires computing a HMAC-SHA1 over the > compressed/encrypted data blob. That is a pretty fast operation, BUT if the > data size is large, then it can really slow down times where the 2 byte > checksum says that this value 'might' be a hit. That happens, btw, 1 out of > 64k times, so unless the compressed blob is huge, this slowdown should not > really be apparent. > > This version is only in the git repository: > git clone git://github.com/magnumripper/JohnTheRipper -b bleeding-jumbo > > Also, this is not a complete re-write, but it was very substantial. There > may be a bug still here or there, but will be corrected when they are seen. > Also the opencl version will need to handle the new format hash signature > and fields, and perform the proper authentication on 'likely' passwords. > The current opencl version is only showing the likely passwords (i.e. the 1 > out of 64k check was successful). > > From: Dennis Glatting Thursday, July 03, 2014 1:19 > On Thu, 2014-07-03 at 00:14 -0400, JimF wrote: > > ---- Dennis Glatting <jtr@...2.com> wrote: > > > On Thu, 2014-07-03 at 02:19 +0200, magnum wrote: > > > > On 2014-07-03 01:07, Dennis Glatting wrote: > > > > > Prior to running my word list against my hash, JTR runs test > > > > > code using the data structure "zip_tests". Zip_tests by virtua > > > > > of the get_salt() function sets the global variable "passverify" > ...... >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.