Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <013d01cc4744$1d9e8ce0$58dba6a0$@net>
Date: Wed, 20 Jul 2011 20:18:32 -0500
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: md5_gen ... again

I did list (within code) that this would happen.  This exact case.

		// this code is BROKEN in the case where we have a 'simple'
salt, that starts with a '$'
		// character.  For now, I will simply comment these out, and
they should work fine.  NOTE, this
		// will break complex salts, which do not start with a
'normal' salt.  Something like
		// $$Uuser will now fail (if that is the entire salt).  But
at this time, there are no 'canned'
		// formats that use that, so this patch will work around the
problem, giving me some time to
		// address this for the 'complex' salt case, in a later
version of md5_gen.
//		if (ciphertext[curdat.md5_gen_SALT_OFFSET] == '$')
//			strnzcpy(Salt,
&ciphertext[curdat.md5_gen_SALT_OFFSET-1], SALT_SIZE);
//		else


Thus what is happening, is you have no 'valid' salt  What you have in the
salt 'field' is $$U1234  But due to some other fixes I added, this is
failing.

At this time, until I spend more time coming up with a more generic 'fix', I
would sugest that you build the format this way:

[List.Generic:md5_gen(1400)]
Expression=md5($s.:asterisk:.$p) [Asterisk SIP]
Flag=MGF_SALTED
Func=MD5GenBaseFunc__clean_input
Func=MD5GenBaseFunc__append_salt
Func=MD5GenBaseFunc__append_input1_from_CONST1
Func=MD5GenBaseFunc__append_keys
Func=MD5GenBaseFunc__crypt
CONST1=:asterisk:
Test=md5_gen(1400)4a8e71480c5b1ef0a5d502a8eb98576a$1234:abcd


Yes, I know that is not a 'fix', but I am not going down the knee jerk fix
in the salts until I have a better chance to dig deeper, and get it 'right'.

Jim.

>-----Original Message-----
>From: jm@...izoku.org [mailto:jm@...izoku.org] On Behalf Of Jean-Michel
>Sent: Wednesday, July 20, 2011 6:27 PM
>To: john-users@...ts.openwall.com
>Subject: [john-users] md5_gen ... again
>
>I upgraded from john 1.7.7 to john 1.7.8 with all patches applied.
>
>On x64 build, the patch john-1.7.8-jumbo-2after-MSCash2-many-fixes-
>1.diff
>made some of my md5_gen configuration scripts to fail.
>
>It seems that having the flag MGF_USERNAME without MGF_SALTED breaks the
>format.
>
>For example, for Asterisk SIP secret hashes, I have :
>
>[List.Generic:md5_gen(1400)]
>Expression=md5($u.:asterisk:.$p) [Asterisk SIP]
>Flag=MGF_USERNAME
>Func=MD5GenBaseFunc__clean_input
>Func=MD5GenBaseFunc__append_userid
>Func=MD5GenBaseFunc__append_input1_from_CONST1
>Func=MD5GenBaseFunc__append_keys
>Func=MD5GenBaseFunc__crypt
>CONST1=:asterisk:
>Test=md5_gen(1400)4a8e71480c5b1ef0a5d502a8eb98576a:abcd:1234
>
>This function fails at get_hash[0](0)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.