20710 mode salt length question
#1
Hey, I'd like to ask about 20710 optimized kernel. When I'm checking it's source it seems like it was made to support salts up to 64 chars, for example: https://github.com/hashcat/hashcat/blob/...ed.cl#L385

However, module rejects lines with salts longer than 51 chars. I've modified value of max salt length in order to do some testing and 64 chars long salts didn't seem to work (hash just didn't crack), in fact the maximum salt length that seems to crack is 55 chars and anything above doesn't crack at all.

Now I wonder if that's some unintented mistake or maybe I don't understand the code fully. I decided to bring this up, because the older versions of Xenforo forum software used to store users' passwords in sha256(sha256($pass).$salt) with 64 chars long salts.

Cheers!
Reply
#2
I'm also having this issue. My knowledge is very limited, so I'm in the same boat as you. Hopefully a solution can be found. I'll be hoping, atleast Big Grin
Reply
#3
use the pure kernel for now.

I think this is just a little bug and documentation problem (also the tests limits [16,16] is not correct).

Anyway, an optimized kernel can in general never be used to run very long salts or passwords. This is a general rule (of course there can be a few exceptions, but it doesn't make any sense here... the limited lengths in optimized kernels make sense here)
Reply