john icon indicating copy to clipboard operation
john copied to clipboard

Published 20 hours ago verified publisher icon openwall

Add native yescrypt support

Open solardiz opened this issue 3 years ago • 2 comments

Although we have and use yescrypt in the tree, we currently only use it to provide scrypt (for several formats), but not native yescrypt. For Linux distros that have started to use native yescrypt hashes via libxcrypt (ALT Linux, Kali Linux) and for those that support them (Fedora 29+), these hashes can currently be cracked by using --format=crypt. However, this is suboptimal (memory is getting (de)allocated all the time, which slows things down) and non-portable (the hashes cannot be cracked on a system that doesn't have yescrypt support in its libcrypt). We should add the support into JtR itself, possibly in the same format with scrypt. (A next task then would be also supporting yescrypt ROM.)

solardiz avatar Mar 14 '21 18:03 solardiz

Distro update: Debian 11 (bullseye) now defaults to yescrypt.

https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#pam-default-password

roycewilliams avatar Oct 27 '21 21:10 roycewilliams

Distro update: Debian 11 (bullseye) now defaults to yescrypt.

Right, and Fedora 35 likely will, too (now in beta).

solardiz avatar Oct 27 '21 21:10 solardiz