openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/
Other
10.36k stars 2.11k forks source link

Bump length for Cisco ASA MD5 #3109

Open magnumripper opened 6 years ago

magnumripper commented 6 years ago

See https://github.com/hashcat/hashcat/issues/1488#issuecomment-356641298

We need real samples for longer passwords before we can implement this.

roycewilliams commented 6 years ago

I added some real samples to https://github.com/hashcat/hashcat/issues/1488#issuecomment-356754100

magnumripper commented 6 years ago

As @jsteube found out: One simply needs to pad with zero bytes to a next segment of 16 bytes.

https://github.com/hashcat/hashcat/issues/1488#issuecomment-361016305

magnumripper commented 6 years ago

@jfoug how do we make that change to dynamic_20?

kholia commented 6 years ago

Do we need a new dynamic format to handle these longer password lengths? Or can the existing format be extended to handle both types of password lengths and hashes?

magnumripper commented 6 years ago

The existing format should be extended. Trivial fix in a normal format but I'm not sure how to do it in dynamic.