|
Message-ID: <CABtNtWEYFfnx4K1YXuW5bMu8qx2Gc8Tj9j85LMvLQFv1Tw1xwA@mail.gmail.com>
Date: Thu, 30 Jul 2015 16:13:05 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags
On Mon, Jul 27, 2015 at 11:03 PM, <jfoug@....net> wrote:
>
> ---- Kai Zhao <loverszhao@...il.com> wrote:
> >
> > If LM is special, how about saph?
> >
> > E.g.:
> >
> > sapH_fmt_plug.c:
> >
> > static struct fmt_tests tests[] = {
> > {"{x-issha,
> > 1024}hmiyJ2a/Z+HRpjQ37Osz+rYax9UxMjM0NTY3ODkwYWI=","OpenWall"},
> > ...
> > {NULL}
> > };
> >
> > This format doesn't set FMT_CASE. So the password is case-insensitive.
> > But if I change "OpenWall" to "OpenWalL", the self-test will fail.
>
> As magnum stated, you can not change the passwords in the test vectors
and have things work. I do not think the logic that properly cases the
passwords is not done during self test.
>
> I do believe that the sapH format 'should' have the FMT_CASE flag.
I did a try on FMT_CASE with saph which does NOT set FMT_CASE.
1. Get one hash from sapH_fmt_plug.c's test vector.
{"{x-issha, 1024}hmiyJ2a/Z+HRpjQ37Osz+rYax9UxMjM0NTY3ODkwYWI=",
"OpenWall"}
2. Copy the hash to pwfile.
$ cat pwfile
{x-issha, 1024}hmiyJ2a/Z+HRpjQ37Osz+rYax9UxMjM0NTY3ODkwYWI=
3. cat password.lst
123456
OpenWalL
4. run
$ rm -f ../john.pot && ../john pwfile --skip-self-test
--wordlist=password.lst
Using default input encoding: UTF-8
Loaded 1 password hash (saph, SAP CODVN H (PWDSALTEDHASH) [SHA-1/SHA-2
256/256 AVX2 8x])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:00 DONE (2015-07-30 16:05) 0g/s 200.0p/s 200.0c/s 200.0C/s
123456..OpenWalL
Session completed
5. change the "OpenWalL" to "OpenWall"
$ cat password.lst
123456
OpenWall
6. run
$ rm -f ../john.pot && ../john pwfile --skip-self-test
--wordlist=password.lst
Using default input encoding: UTF-8
Loaded 1 password hash (saph, SAP CODVN H (PWDSALTEDHASH) [SHA-1/SHA-2
256/256 AVX2 8x])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
OpenWall (?)
1g 0:00:00:00 DONE (2015-07-30 16:07) 100.0g/s 200.0p/s 200.0c/s 200.0C/s
123456..OpenWall
Use the "--show" option to display all of the cracked passwords reliably
Session completed
You can see that in step 4, john does not crack with "OpenWalL", but
in step 6, john cracks with "OpenWall".
So sapH's passwords should be case-sensitive. The saph should
set FMT_CASE flag?
Thanks,
Kai
Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.