Closed henshin closed 5 years ago
the max pw size is currently set at 128 bytes and the max salt size is currently 32. It could be increased, but it may slow down your gpu or your memory bus also might not be able to handle more.
As it's very unlikely for a user password or regular hash to be longer than 128 bytes (especially for mobile usage), I'm closing this issue.
Thanks for your feedback. Makes sense actually. As a suggestion, instead of throwing an exception in these cases, the program could truncate that password or ignore it and continue on to the next one.
What about the instance where passwords were hashed twice using sha512? In that case the output of one sha512 hash will be too long to hash again.
Edit: Actually, you said max 128 bytes, which I assume includes 128 bytes, in which case there is an error in the padding calculations because 128 bytes does not work.
This issue was regarding the limitation of the processing plaintext passwords longer than 128 bytes as they come from the wordlist and before they are hashed.
I was trying this module with a large wordlist such as rockyou.txt and it seems it can't handle long passwords. This is the error I'm getting:
Didn't look too much into the code but maybe just doubling the buffer sizes could solve it.