Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Sat, 29 Aug 2009 11:22:32 +0200
From: SL <auditor@...chat.de>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Thoughts and questions on creation of a 'generic' MD5 hash set format (to handle 'all' of them)

$u is supposed to be the username, right?
$s2 is something like a static, systemwide key (like the syskey in  
Windows SAM).

Whatever I have encountered so far is on your list already. Good Job.

In handling, I see not much difference between $u and $s2 (or $k or  
whatever). But I agree to the path of 'reserving' such expressions.

Von meinem iPhone gesendet

Am 29.08.2009 um 06:50 schrieb "JimF" <jfoug@....net>:

> md5_gen(13) --> md5($u.md5($p).$s)      // note $u is not handled  
> yet (but we can 'reserve' the format)
> md5_gen(14) --> md5(md5(md5($p).$s).$s2) // note 2 salts is not  
> handled yet.

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ