john-dev - Re: AIX password hashes

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <BLU0-SMTP23759365A1D2E331E829080FD0D0@phx.gbl>
Date: Sat, 16 Feb 2013 09:53:37 +0100
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: AIX password hashes

On 02/16/2013 03:12 AM, magnum wrote:
> On 16 Feb, 2013, at 2:28 , Frank Dittrich <frank_dittrich@...mail.com> wrote:
>> First, a
>> ./AIXtest ... | wc -l
> 
> I believe this will just produce 100,000 DES hashes with random salt.

Yes, of course. I meant the "..." to be a placeholder for each of the
really interesting algorithms.
> 
>> Then, the may be the top 100 hashes of those broken formats, but not
>> just the ones which have a '...' sequence in the hash.
>> ...
> 
> I think we're looking at the simplest algorithm you can imagine (iterate 2^N over pass.salt) and the only real obstacle is the encoding.

But how can the encoding explain that almost one out of eight
{ssha512}06$ hashes ends with "..."?
And how to the other hashes look like?
(E.g., each of the first ssha512 hashes ends with "..".
Are there even hashes ending with "....."?

> I can't imagine any more test that would help.

I don't know if these more tests help. But without the possibility to
reverse-engineer the algorithm, just getting some more data out of it is
the only chance I see.

Frank

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.