Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 12 Jun 2013 21:57:12 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: KDE Paste Applet external mode

On 11 Jun, 2013, at 6:22 , Michael Samuel <mik@...net.net> wrote:
> This takes advantage of CVE-2013-2120 to find seeds that KDE Paste applet
> uses to generate passwords.

How long has KDE Paste been using this weak generation? For raw-md5 we can brute-force a whole year per CPU core and hour so it would be nice to know the lowest "possible" startTime.

BTW I tried disabling upper-case letters and the number of candidates did not change. I assume this means you need to run it with exactly the character classes the target was using, right?

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.