|
Date: Fri, 5 May 2017 15:08:52 +0200 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Max characters for password candidates (NTLM) and others On Thu, May 04, 2017 at 11:56:38PM +0200, magnum wrote: > On 2017-05-04 23:44, Frank Dittrich wrote: > > So, it would be possible to drop that limit (or change the limit from > > currently 27 characters to, say, 54 characters). > Sure. We could support any length but it'd be slower. Actually, for a > non-SIMD build (eg. non-Intel using OpenSSL) I think our limit is 125 > bytes (which is the hard deck no-matter-what, set by legacy core code) > and that'd be just 41 characters worst case (that is, every one of them > take three bytes to represent in UTF-8). So maybe we can recommend Rob to make and use a non-SIMD build of JtR for such special cases for now? I guess this would also help him with "also having the same issue with Kerberos TGS hashes with known passwords" (quoting from the GitHub issue). I think this amounts to: make distclean ./configure --disable-native-tests CFLAGS='-O2 -mno-sse2 -mno-mmx -U__SSE__' Yes, that's a bit tricky, and IIRC the last -U__SSE__ is a workaround for glibc headers. > > But trying password candidates that are longer than 27 characters would > > reduce the cracking speed to about half the speed of the current > > implementation. > Actually we could implement some kind of branching and support > 27/54/81/108/125 bytes, no problem. And we could re-write John's core > and support more than 125 bytes. But with fast hashes like NT the > branching would be a significant regression. It would hurt real-world > cracking: No-one has a password of 27 characters, let alone longer. I think Rob actually has a real-world use case for this. I don't know what it is. Maybe not for NT specifically, but for other hash types exhibiting similar length limits now. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.