Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <158925887.3850936.1472589012830@mail.yahoo.com>
Date: Tue, 30 Aug 2016 20:30:12 +0000 (UTC)
From: Sebastian Heyn <sebastian.heyn@...oo.de>
To:  <john-users@...ts.openwall.com>
Subject: Re: Which is the correct hash?

Seems like this is correct, and the idea is brilliant! Even though it did not reduce the size of the hashfile itself, the speedup is drastical.
I have to get into openmpi next. Maybe a small openmpi-enabled live cd (USB) or something.



--------------------------------------------
jfoug <jfoug@...nwall.net> schrieb am Di, 30.8.2016:

 Betreff: Re: [john-users] Which is the correct hash?
 An: john-users@...ts.openwall.com
 Datum: Dienstag, 30. August, 2016 22:23 Uhr
 
 
 On
 8/30/2016 1:36 PM, magnum wrote:
 >
 According to Sebastian's mail this morning, the only
 usable file for 
 > attacking is a fairly
 large one (16 MB) and we may need to CRC all of 
 > it for each guess. That's why speed is
 hit and this is what the "file 
 >
 magic" stuff could possibly work around.
 
 This was exactly why I created
 the magic logic. Since the blob was a 
 .zip
 file (IF the builder of the blob was not trying to confuse
 us by 
 renaming a jgp picture into a .zip),
 then the file magic would only need 
 to
 fully decode the first 4 bytes, and then ONLY check if those
 bytes 
 ended up being
 PK\x3\x4   The magic was not noticeably faster
 for tiny 
 files, but the larger the file
 was, the more noticeable, and as the size 
 of file got huge, without magic, the cracking
 speed simply almost crawls 
 to a stop.
 
 But  (and this is a big but),
 we are fully assuming that we know what 
 the
 file magic looks like.  That is not always correct
 (especially if 
 the user purposely renamed
 something as more camouflage).
 
 Was this a pkzip file, or a winzip AES
 encrypted file?  I though only 
 the pkzip
 had the magic logic in it, and that the winzip method did
 not 
 care how big the file blob was.
 @magnum: is my rememberance wrong here.
 
 Jim.
 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.