Message-ID: <e5320c9c85711e98b6266d7c0c92a1c3@smtp.hushmail.com>
Date: Wed, 3 Oct 2012 18:45:09 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: o5logon format hacks

On 3 Oct, 2012, at 18:24 , magnum <john.magnum@...hmail.com> wrote:

> On 3 Oct, 2012, at 17:44 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> 
>> I have replaced the cracked array approach with standard get_hash* functions.
>> 
>> But does this patch make any sense since binary value is always same?
>> 
>> I suspect that it will still run into "too many collisions detected" problem.
> 
> I think it does not make sense; it should probably be reverted (although there were some other changes too in that commit, right?). What you should do is use fmt_default_binary *and* set BINARY_SIZE to 0 for all formats that do not use a binary. This will change the warning text a little, as well as reduce unneeded memory use.

Maybe I'm confused now but here's what I *think* we could do for all non-hash formats in order to get proper dupe detection and no warnings.

1. Use a short binary size (e.g. 4) so we don't waste too much memory.

2. Write a simple mockup binary() that just returns a 4-byte hash of the full ciphertext. This could be standard crc32 or something else, but it should use all of the ciphertext. 

3. Use standard binary_hash() functions just like the ones you used now.

Actually, this binary() function will be 100% identical for all non-hash formats so I think the fmt_default_binary() should be modified to do this. BUT I'm not sure if any format actually uses the present fmt_default_binary() as-is and depends on its output (it currently outputs the ciphertext as-is). So we could instead name this new function (still in formats.c) fmt_default_binary_nonhash() or something like that.

BTW the binary_hash() functions too could be placed in formats.c as this would remove a lot of duplicated code.

magnum
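
The three steps proposed above, as an added stand-alone sketch that is not part of the original message or of John the Ripper's source. The function signatures, the CRC-32 choice and the is_dupe() helper are assumptions for illustration; only the name fmt_default_binary_nonhash() comes from the message.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BINARY_SIZE 4 /* step 1: short binary, little memory per loaded entry */

/* Bitwise CRC-32 (reflected polynomial 0xEDB88320) over the whole string. */
static uint32_t crc32_str(const char *s)
{
	uint32_t crc = 0xFFFFFFFFu;
	for (; *s; s++) {
		crc ^= (unsigned char)*s;
		for (int k = 0; k < 8; k++)
			crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
	}
	return crc ^ 0xFFFFFFFFu;
}

/* Step 2: mockup binary() for non-hash formats (signature assumed).
 * It covers the full ciphertext, so distinct entries rarely share a value. */
static void *fmt_default_binary_nonhash(const char *ciphertext)
{
	static uint32_t out;
	out = crc32_str(ciphertext);
	return &out;
}

/* Step 3: standard-style binary_hash functions, masking the 4-byte value. */
static int binary_hash_0(void *binary) { return *(uint32_t *)binary & 0xf; }
static int binary_hash_1(void *binary) { return *(uint32_t *)binary & 0xff; }
static int binary_hash_2(void *binary) { return *(uint32_t *)binary & 0xfff; }

/* Hypothetical dupe check: 32 bits can collide, so confirm on the full text. */
static int is_dupe(const char *a, const char *b)
{
	uint32_t x, y;
	memcpy(&x, fmt_default_binary_nonhash(a), BINARY_SIZE);
	memcpy(&y, fmt_default_binary_nonhash(b), BINARY_SIZE);
	return x == y && !strcmp(a, b);
}

int main(void)
{
	/* Constructed sample strings, not real o5logon ciphertexts. */
	const char *a = "$sample$AAAA*1111", *b = "$sample$AAAA*2222";
	printf("%08x %08x\n", (unsigned)crc32_str(a), (unsigned)crc32_str(b));
	printf("dupe(a,a)=%d dupe(a,b)=%d\n", is_dupe(a, a), is_dupe(a, b));
	return 0;
}
```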
