Date: Mon, 11 Apr 2016 19:14:35 +0000
From: Francois Gaudreault <fgaudreault@...ecure.ca>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Dynamic and Very long Salt

Cool!

Well, let me know if you fix it properly, so I can adjust my structure. I’ll use the hack for now. 

Just FYI, this dynamic format is for Oracle PeopleSoft’s PS_TOKEN ;)

Thanks!

FG

On 2016-04-11, 3:04 PM, "jfoug" <jfoug@...nwall.net> wrote:

>> I see. This salt format is very ugly, and unfortunately, keeping the integrity is important, otherwise the SHA1 hash will not be right. By the way, I did the test by setting the SaltLen to -232 directly in the dynamic.conf and it appeared to work! :)
>>
>> Thanks for the help.
>>
>> FG
>Yes, at that length, the 'valid' will pass (works around the issue). I 
>will see if I can get this working properly.  The issue is that during 
>'valid' work, we are dealing with strings.  Thus any '$HEX$' data needs 
>to be converted back to raw format. HOWEVER, if there are null bytes we 
>cannot convert.
>
>One other workaround is to give an input test line that does not have 
>the nulls (but is properly 'functional').  The runtime of dynamic 
>does not care about the nulls.  It will convert the salt data into a 
>salt, and this data also contains a 'length'.  So there are no str*() 
>functions used after the valid.
>
>So we can 'fix' the format like this:
>
>[List.Generic:dynamic_1600]
>Expression=sha1($s.utf16le($p))
>Flag=MGF_INPUT_20_BYTE
>Flag=MGF_FLAT_BUFFERS
>Flag=MGF_SALTED
>SaltLen=-250
>Func=DynamicFunc__clean_input
>Func=DynamicFunc__append_salt
>Func=DynamicFunc__setmode_unicode
>Func=DynamicFunc__append_keys
>Func=DynamicFunc__SHA1_crypt_input1_to_output1_FINAL
>Test=$dynamic_1600$407f3647d798b43e3019241640ce722bd90d96f4$WC77QoMHvChmRzgBea6KunefQDf8J1erAwFGoUVJVmr7vPUDgCv3LJEsSRIzybQ1crZkulU3TXZF8juU52cL14LCoeLe40mE9zEU1b17LdtQG67Yk:password
>
>This also allows salts up to 250 characters long.
>
>I generated the test line as follows, and tested the format with a 'null' byte salt.
>
>$ ../run/pass_gen.pl 'dynamic=num=1600,format=sha1($s.utf16($p)),saltlen=113'
>#!comment: Built with pass_gen.pl using RAW mode, 0 to 128 characters dict file=stdin
>
>Enter words to hash, one per line.
>password
>u0:$dynamic_1600$407f3647d798b43e3019241640ce722bd90d96f4$WC77QoMHvChmRzgBea6KunefQDf8J1erAwFGoUVJVmr7vPUDgCv3LJEsSRIzybQ1crZkulU3TXZF8juU52cL14LCoeLe40mE9zEU1b17LdtQG67Yk:0:0:password:
>
>$ cat tst1.in
>
>$dynamic_1600$e6155f87b073451076d81e3505f8b9fcd3f53b5a$HEX$710000000403020101000000bc0200000000000010500050005700450042004500580054000645004e0047000e50005300460054005f00480052003432003000310036002d00300034002d00300038002d00310039002e00320037002e00300035002e0030003000300030003000320000
>
>$ ../run/john tst1.in
>Loaded 1 password hash (dynamic_1600 [sha1($s.utf16le($p)) 128/128 AVX 4x1])
>Warning: poor OpenMP scalability for this hash type, consider --fork=8
>Will run 8 OpenMP threads
>Press 'q' or Ctrl-C to abort, almost any other key for status
>password         (?)
>1g 0:00:00:00 DONE 2/3 (2016-04-11 14:00) 11.11g/s 74666p/s 74666c/s 74666C/s 123456..Cloclo
>Use the "--show" option to display all of the cracked passwords reliably
>Session completed
>
>
>NOTE, this still has the 'bug', where valid does not unhex the data.  
>But with the longer salt length being valid, it 'works'. NOTE, you 
>cannot have a salt up to 250 bytes long, and crack things with salts that 
>long. The buffer length max for ANYTHING in dynamic is 256 bytes.   But 
>in this case the 'salt' is really only 113 bytes, and not 232.
>
>Again this hack should let you get things 'working', but I will work on 
>the fixes needed for dynamic within valid to handle salts with nulls in 
>them.
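
The distinction drawn in the quoted reply, between the still-encoded salt field, what a str*() call would see after decoding, and the raw salt with its real length, shown as an added example (not code from John the Ripper or from either poster). The salt is constructed, and the helper names and the '$HEX$<hex>' / '$<text>' reading of the salt field are assumptions of this example based on the lines shown above.

```python
import hashlib
import hmac

TAG = "$dynamic_1600$"   # format tag used in the thread
HEX_MARK = "$HEX$"       # marks a hex-encoded (binary) salt
# Constructed sample salt with embedded NUL bytes (not the salt from the thread).
SAMPLE_SALT = b"\x71\x00\x00\x00" + "NODE".encode("utf-16-le")

def dynamic_1600(salt: bytes, password: str) -> str:
    """sha1($s.utf16le($p)), per the Expression= line in the thread."""
    return hashlib.sha1(salt + password.encode("utf-16-le")).hexdigest()

def make_line(salt: bytes, password: str) -> str:
    """Build a test line with the salt hex-encoded so NUL bytes survive as text."""
    return f"{TAG}{dynamic_1600(salt, password)}{HEX_MARK}{salt.hex()}"

def split_line(line: str):
    """Return (digest, salt field as text); the field keeps its leading '$'."""
    body = line[len(TAG):]
    if not line.startswith(TAG) or len(body) < 42 or body[40] != "$":
        raise ValueError("not a dynamic_1600 line")
    return body[:40].lower(), body[40:]

def raw_salt(field: str) -> bytes:
    """Decode the salt field to raw bytes (assumed: '$HEX$<hex>' or '$<text>')."""
    if field.startswith(HEX_MARK):
        return bytes.fromhex(field[len(HEX_MARK):])
    return field[1:].encode("latin-1")

def salt_lengths(line: str):
    """(length of the encoded field, bytes a C strlen() would see, true length)."""
    field = split_line(line)[1]
    raw = raw_salt(field)
    nul = raw.find(b"\x00")
    return len(field), (len(raw) if nul < 0 else nul), len(raw)

def check(line: str, candidate: str) -> bool:
    """Verify a candidate using the raw salt and its real length."""
    digest, field = split_line(line)
    return hmac.compare_digest(digest, dynamic_1600(raw_salt(field), candidate))

if __name__ == "__main__":
    line = make_line(SAMPLE_SALT, "password")
    print(line)
    print(salt_lengths(line), check(line, "password"))
```

The three lengths differ for any salt containing a null byte, so a length limit checked against the encoded text and one checked against the decoded bytes are not interchangeable.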
