Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 21 Jul 2011 09:21:48 +0200
From: Jean-Michel PICOD <jm@...izoku.org>
To: john-users@...ts.openwall.com
Subject: Re: md5_gen ... again

Ok, I'll try that.

If it can help you, the previous version of john (1.7.7 + jumbo + other
patches) with the patch you gave me for salts beginning with "$" and "$$"
was working great with formats using the userid such as the one I gave on
the mailing list.
Before scripting it to the conf file, I used to maintain a thin format
linking to md5_gen functions and those one are still working.


J-Michel


2011/7/21 jfoug <jfoug@....net>

> I did list (within code) that this would happen.  This exact case.
>
>                // this code is BROKEN in the case where we have a 'simple'
> salt, that starts with a '$'
>                // character.  For now, I will simply comment these out, and
> they should work fine.  NOTE, this
>                // will break complex salts, which do not start with a
> 'normal' salt.  Something like
>                // $$Uuser will now fail (if that is the entire salt).  But
> at this time, there are no 'canned'
>                // formats that use that, so this patch will work around the
> problem, giving me some time to
>                // address this for the 'complex' salt case, in a later
> version of md5_gen.
> //              if (ciphertext[curdat.md5_gen_SALT_OFFSET] == '$')
> //                      strnzcpy(Salt,
> &ciphertext[curdat.md5_gen_SALT_OFFSET-1], SALT_SIZE);
> //              else
>
>
> Thus what is happening, is you have no 'valid' salt  What you have in the
> salt 'field' is $$U1234  But due to some other fixes I added, this is
> failing.
>
> At this time, until I spend more time coming up with a more generic 'fix',
> I
> would sugest that you build the format this way:
>
> [List.Generic:md5_gen(1400)]
> Expression=md5($s.:asterisk:.$p) [Asterisk SIP]
> Flag=MGF_SALTED
> Func=MD5GenBaseFunc__clean_input
> Func=MD5GenBaseFunc__append_salt
> Func=MD5GenBaseFunc__append_input1_from_CONST1
> Func=MD5GenBaseFunc__append_keys
> Func=MD5GenBaseFunc__crypt
> CONST1=:asterisk:
> Test=md5_gen(1400)4a8e71480c5b1ef0a5d502a8eb98576a$1234:abcd
>
>
> Yes, I know that is not a 'fix', but I am not going down the knee jerk fix
> in the salts until I have a better chance to dig deeper, and get it
> 'right'.
>
> Jim.
>
> >-----Original Message-----
> >From: jm@...izoku.org [mailto:jm@...izoku.org] On Behalf Of Jean-Michel
> >Sent: Wednesday, July 20, 2011 6:27 PM
> >To: john-users@...ts.openwall.com
> >Subject: [john-users] md5_gen ... again
> >
> >I upgraded from john 1.7.7 to john 1.7.8 with all patches applied.
> >
> >On x64 build, the patch john-1.7.8-jumbo-2after-MSCash2-many-fixes-
> >1.diff
> >made some of my md5_gen configuration scripts to fail.
> >
> >It seems that having the flag MGF_USERNAME without MGF_SALTED breaks the
> >format.
> >
> >For example, for Asterisk SIP secret hashes, I have :
> >
> >[List.Generic:md5_gen(1400)]
> >Expression=md5($u.:asterisk:.$p) [Asterisk SIP]
> >Flag=MGF_USERNAME
> >Func=MD5GenBaseFunc__clean_input
> >Func=MD5GenBaseFunc__append_userid
> >Func=MD5GenBaseFunc__append_input1_from_CONST1
> >Func=MD5GenBaseFunc__append_keys
> >Func=MD5GenBaseFunc__crypt
> >CONST1=:asterisk:
> >Test=md5_gen(1400)4a8e71480c5b1ef0a5d502a8eb98576a:abcd:1234
> >
> >This function fails at get_hash[0](0)
>
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.