Date: Wed, 28 Mar 2018 14:30:38 -0800 From: Royce Williams <royce@...ho.org> To: john-users@...ts.openwall.com Subject: Re: Support for cracking hash collisions On Wed, Mar 28, 2018 at 2:00 PM, Matt Weir <cweir@...edu> wrote: > In JtR is there a cracking option that will allow cracking sessions to > continue even after it finds a valid match, with all valid plaintexts being > saved to the POT file? An existing hash format where this would be useful > would be Mysql323, which suffers from having lots of collisions. I’ll admit > my question stems from the pwned password api lookup where it may be > possible to obtain the first five characters of the sha1 hash of a > password. I’d be curious if it would be worthwhile to create a dynamic hash > format to generate tailored dictionaries of collisions to use in other > attacks against stronger hashes. > Jumbo has: $ john --list=hidden-options | grep guess --keep-guessing try more candidates for cracked hashes (ie. search Royce
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.