Date: Wed, 28 Mar 2018 18:00:06 -0400 From: Matt Weir <cweir@...edu> To: john-users@...ts.openwall.com Subject: Support for cracking hash collisions In JtR is there a cracking option that will allow cracking sessions to continue even after it finds a valid match, with all valid plaintexts being saved to the POT file? An existing hash format where this would be useful would be Mysql323, which suffers from having lots of collisions. I’ll admit my question stems from the pwned password api lookup where it may be possible to obtain the first five characters of the sha1 hash of a password. I’d be curious if it would be worthwhile to create a dynamic hash format to generate tailored dictionaries of collisions to use in other attacks against stronger hashes. Cheers, Matt
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.