Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6771fd9996107c313def415abfa5c16c@smtp.hushmail.com>
Date: Thu, 03 Jul 2014 02:19:26 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: Possible bug in zip_fmt_plug.c, bleeding edge

On 2014-07-03 01:07, Dennis Glatting wrote:
> Prior to running my word list against my hash, JTR runs test code using
> the data structure "zip_tests". Zip_tests by virtua of the get_salt()
> function sets the global variable "passverify" however that variable IS
> NOT reset to the check word of my hash (b59a). Consequently, I am unable
> to verify my hash against my word list.

Thanks for reporting this. The passverify stuff is indeed totally b0rken 
and from the looks of it, it has never worked. I opened an issue on 
GitHub, hopefully Dhiru will fix it soon.

In the meantime I believe you can run it with --skip-self-tests to work 
around this problem as long as you only attack one hash at a time. The 
format has other problems though: For example, it emits 40 false 
positives per minute...

magnum


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.