Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <95FE2C4CBBF11A4CA8CD89BE1D450F4C3734F786@srv-ex03.ptsecurity.ru>
Date: Thu, 31 May 2012 06:06:20 +0000
From: Dmitriy Serebryannikov <DSerebryannikov@...ecurity.ru>
To: Solar Designer <solar@...nwall.com>
CC: Aleksey Cherepanov <aleksey.4erepanov@...il.com>, hashrunner
	<hashrunner@...ecurity.com>, "john-users@...ts.openwall.com"
	<john-users@...ts.openwall.com>
Subject: HA: HA: where are the salts?

Use empty salt for md5(phpbb3/wordpress) hashes and empty username for DCC2 hashes.
________________________________________
От: Solar Designer [solar@...nwall.com]
Отправлено: 31 мая 2012 г. 8:17
To: Dmitriy Serebryannikov
Cc: Aleksey Cherepanov; hashrunner; john-users@...ts.openwall.com
Тема: Re: [john-users] HA: where are the salts?

Hi,

On Thu, May 31, 2012 at 03:06:11AM +0000, Dmitriy Serebryannikov wrote:
> Can you provide examples of these hashes?

All of the dcc2, md5(phpBB3), and md5(Wordpress) hashes are missing
their salts.  For example, a full phpass hash encoding is 34 characters
long, but those provided to us in the contest are 27 characters.

Also, the blowfish(OpenBSD) hashes have slightly corrupted salt strings,
but folks on our team should be able to repair that. ;-)

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.