john-dev - Re: Lei's weekly report #15

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-Id: <4BE93716-88C1-41E2-B2CE-9104CB549109@gmail.com>
Date: Thu, 13 Aug 2015 18:17:29 +0800
From: Lei Zhang <zhanglei.april@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Lei's weekly report #15

On Aug 13, 2015, at 5:26 AM, magnum <john.magnum@...hmail.com> wrote:
> 
> Maybe you could even add episerver to pass_gen.pl?

I'm not sure what you mean. I can see episerver is already in pass_gen.pl.

I don't know if I'm doing it correctly, but that's how I did the test:

$ cat pw-utf8.dic | ../run/pass_gen.pl -utf8 episerver_sha1 > tst_utf8.in
$ ../run/john --format=episerver --wordlist=pw-utf8.dic tst_utf8.in --encoding=utf8

And there're 257 out of 1500 hashes not cracked. I viewed the corresponding uncracked passwords: most of them are long (probably exceed PLAINTEXT_LENGTH), but some are not. For example, '€€€€€€€' cannot be cracked, while '€€€€€€' (one less char) can be cracked. The length of it surely doesn't exceed PLAINTEXT_LENGTH. Is there something special with this string? I feel I'm still missing some point in the UTF8 encoding...

Lei

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.