Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150524041715.GB16509@openwall.com>
Date: Sun, 24 May 2015 07:17:15 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Bleeding jumbo now defaults to UTF-8

On Fri, May 22, 2015 at 06:33:42PM +0200, magnum wrote:
> On 2015-05-22 16:48, Marek Wrzosek wrote:
> >That's a great news! What is the simplest way to "repair" all.lst from
> >Openwall?
> 
> I bet it's a mix of encodings so can't simply be converted.

Yes.  And maybe it should stay as a mix of encodings despite of magnum's
change, because quite often multiple encodings may possibly have been
used in target passwords.  I am worried that some lines are not valid
UTF-8, though.  How do we ensure those are tested against the hashes
verbatim, like core (non-jumbo) JtR would test them?  Will this just
happen that way despite of the recent change of default in jumbo?

magnum, what do you suggest we do?  Simply assuming that e.g. md5crypt
hashes are likely of UTF-8 plaintexts won't do.  Some of them might be,
but some older ones might be iso-8859-1 or koi8-r or windows-1251 as
well.  That's why current all.lst mixes all of these encodings together.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.