Date: Thu, 26 Sep 2019 17:18:25 -0400 (EDT) From: jfoug openwall <jfoug.openwall@....net> To: john-users@...ts.openwall.com Subject: Re: Dynamic format & truncate On 9/26/2019 3:14 PM, Vincent wrote: > I'd like to create a new dynamic format using truncation but I'm a bit > confused after checking some examples. Simple example from dynamic.conf: Truncation works based upon placing a shorter 'flag' for input length. NOTE, if there is no flag, then the default 16 byte input (32 hex) is used. > - How does this code know that it only needs to compare [0:31] instead of > [0:39]? Due to not adding a input length flag. For SHA1 (full width), it requires a Flag=MGF_INPUT_20_BYTE flag to be added. The format you show has no added flag, so the 16 byte default width is used. NOTE, this is ONLY used for determining which input values to load. > > - Is it possible to truncate leading instead of trailing nibbles, e.g. match > [8:39]? At the current time, no. The load looks at the first part of the hash only. But I can see your point, if dyna did allow different nibbles, then a format like the leaked linked in where there were some hashes which started out with 00000000 (but which were not 0's but the 0's overwrote the actual hash), could have been done in dynamic. But there was no 'design' to this. It simply was how the loader was built. I wrote dynamic to do MD5 hashes (thus the 16 byte default). When I started adding other hashes, I added flags listing the length of the input string. BUT if the flag was left out, the hash DID work, but simply only looked at X number of bytes. NOTE, you could create a SHA512 hash, but use 'Flag=MGF_INPUT_20_BYTE' In that case, it would still perform the script using sha512, BUT it would load 20 byte hashes (40 bytes hex), and would do comparison based upon that length against the completed hashes. So here is a raw-sha512 format. The first truncates to 20 byte (i.e. first 20 bytes of hash only), the 2nd is full width raw-sha512. As you can see from the test string, the truncated version only has the first 40 hex characters, but they are identical. Also, if there is NO MFG_INPUT_xxx_BYTE flag, then 16 byte width is used. [List.Generic:dynamic_4444] Expression=sha512($p) truncated to 20 bytes Flag=MGF_FLAT_BUFFERS Flag=MGF_INPUT_20_BYTE MaxInputLen=110 MaxInputLenX86=110 Func=DynamicFunc__clean_input Func=DynamicFunc__append_keys Func=DynamicFunc__SHA512_crypt_input1_to_output1_FINAL Test=$dynamic_4444$b109f3bbbc244eb82441917ed06d618b9008dd09:password [List.Generic:dynamic_4445] Expression=sha512($p) Flag=MGF_FLAT_BUFFERS Flag=MGF_INPUT_64_BYTE MaxInputLen=110 MaxInputLenX86=110 Func=DynamicFunc__clean_input Func=DynamicFunc__append_keys Func=DynamicFunc__SHA512_crypt_input1_to_output1_FINAL Test=$dynamic_4445$b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86:password
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.