Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <927750830c3c68b5b018eedc40b30213@smtp.hushmail.com>
Date: Wed, 13 May 2015 17:43:50 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: raw-md5 vs raw-md5u, one hash with 2 different passwords

On 2015-05-12 10:38, Aleksey Cherepanov wrote:
> In 2012 Alexander Cherepanov noticed that raw-md5u format can be
> cracked as raw-md5 in some cases: 2 spaces represent the dagger symbol
> "(U+2020) which exist in windows code pages and, [he] think, can
> easily be entered from keyboard. If a unicode password consists of
> only such symbols then it can be found by trying various printable
> ascii characters in non-unicode way. But such cross-matches seem small
> and exotic."
> (...)
> Conclusion: One ciphertext may be crackable as different formats and
> may represent different passwords. So when we are not sure in the
> format and we got a crack, it does not reliably mean that we guessed
> the format right. Though it is a rare case.

The dagger is a curious example. A similar but less exotic thing happens 
with hashes of non-Unicode strings, ie. strings including non-ASCII 
characters in some 8-bit single byte codepage.

CP437: Müller

CP154: MҒller
CP737: MΒller
CP856: Mבller
CP864: M·ller
CP932: M〕ler
CP936: M乴ler
CP949: M걄ler
CP950: Mler
CP1046: M×ller
CP1125: MБller
CP1251: MЃller
CP1256: Mپller

All the above encodes to the same six-byte string with \x81 as second 
byte, and all would obviously get the same LM (or any other) hash. There 
are many more codepages than these, I just picked some my iconv(1) could 
handle for this byte.

BTW note that CP932..CP950 seem to swallow the first "l" so they are 
probably multibyte endocings just like UTF-8. They produce some 
character from "\x81\x6c". Regardless, they too are very same binary string.

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.