Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 7 Mar 2012 19:43:45 +0100
From: Jean-Michel PICOD <jm@...izoku.org>
To: john-users@...ts.openwall.com
Subject: Re: Issue with dynamic format scripting

I updated the script regarding the hex-code for \n.
Thank you Jim for your help and your reactivity.


--
Jean-Michel


2012/3/7 jfoug <jfoug@....net>

> Here is the patch file.  ALSO, you need to change your script to this. The
> \n needs to be \x0A
>
> [List.Generic:dynamic_1401]
> Expression=md5($u.\nskyper\n.$p) [Skype MD5]
> Flag=MGF_USERNAME
> Func=DynamicFunc__clean_input
> Func=DynamicFunc__append_userid
> Func=DynamicFunc__append_input1_from_CONST1
> Func=DynamicFunc__append_keys
> Func=DynamicFunc__crypt
> CONST1=\x0Anskyper\x0A
> Test=$dynamic_1401$27f6a9d892475e6ce0391de8d2d893f7:password:username
> Test=$dynamic_1401$27f6a9d892475e6ce0391de8d2d893f7$$Uusername:password
>
> The 'issue' with requiring a spurious MGF_SALTED was removed. The usage of
> the MGF_USERNAME also includes the SALTED flag, so it is not needed to be
> separately placed in a script any more.
>
> >From: jm@...izoku.org [mailto:jm@...izoku.org] On Behalf Of Jean-Michel
> >
> >[List.Generic:dynamic_1401]
> >Expression=md5($u.\nskyper\n.$p) [Skype MD5]
> >Flag=MGF_USERNAME
> >Func=DynamicFunc__clean_input
> >Func=DynamicFunc__append_userid
> >Func=DynamicFunc__append_input1_from_CONST1
> >Func=DynamicFunc__append_keys
> >Func=DynamicFunc__crypt
> >CONST1=\nskyper\n
> >Test=$dynamic_1401$27f6a9d892475e6ce0391de8d2d893f7:password:username
> >Test=$dynamic_1401$27f6a9d892475e6ce0391de8d2d893f7$$Uusername:password
> >
> >
> >Additional test vectors can be computed directly in bash:
> >echo -ne "username\nskyper\npassword" | md5sum
> >
> >I remember a post of Nicolas Ruff having almost the same issue few
> >months ago. His case was solved by adding the MGF_SALTED flag to the
> >format even if there is no salt. But it did not work in my case. The
> >flag MGF_NOTSSE2Safe did not help neither.
>
>

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ