A BC | 5 Feb 13:08

DES - not "traditional DES-based" - (VNC hash) with JtR

Hi,

I'm a new user of this mailing list, because I have a question I can't find
an answer to: is there a way to use JtR against DES 'hashes', where:
- you know the data to encrypt (challenge)
- you know the data when encrypted (challenge response, server side)
- you search for the DES password that was used to encrypt the data.

It is a way to authenticate with VNC
(http://www.realvnc.com/docs/rfbproto.pdf page 14), which is reputedly weak.
So I am searching for how easily it can be efficiently broken, but I am very
surprised I did not find any answer to that. Maybe I searched wrongly, but
all my searches are driven by the well-known UNIX traditional DES-based
salted hash.

So, I wish to use JtR for its mangling rules, wordlist capabilities (and
maybe for its efficiency), but I can't find a way to make it do what I want.
I have searched in the community resources (http://openwall.info/wiki/john),
in the most useful mailing list posts
(http://openwall.info/wiki/john/mailing-list-excerpts), I have searched in
the direction of "How to use the 'dynamic' format within john"
(jtr179j5/doc/DYNAMIC.txt) but I did not find what I want, "DES($s,$p)". I
searched in tutorials (http://openwall.info/wiki/john/tutorials), and I
tried to look at patches (http://openwall.info/wiki/john/custom-builds),
but no keywords matched, nor with our best friend ggl...

I am thinking about how JtR implements its algorithms, but it seems very
complicated.
Otherwise, I am thinking about using JtR to generate the pwd to stdout, which
I would pipe into a Python soft using PyCrypto, but I don't know if the

madfran | 2 Feb 18:10

Re: Segmentation fault in john-1.7.9-jumbo-5 under some conditions

Hi,

> On 1/21/12, Solar Designer <solar@...> wrote:
> > All - can someone else with a Windows system handy try to reproduce
> > this, please?
>
> Same problem:
>

No solution for the problem of the segmentation fault when trying to
restore a session initiated with the external option "Keyboard"?

Tevesz András | 31 Jan 12:26

OpenCL support on OSX

Hello!

I have some OS X specific fixes to the john-1.7.9-jumbo-5-opencl-5.diff.

Attachment (john-1.7.9-jumbo-5-opencl-5-macosx_10.7.diff): application/octet-stream, 2353 bytes

Regards,

András

Erik Winkler | 27 Jan 23:11

John the Ripper 1.7.9 - Jumbo 5 (w/ OpenMP support) for Intel Macs (Intel Binary)


I have compiled a binary version of John the Ripper 1.7.9 - Jumbo 5 with OpenMP support.  It has been tested on
MacOS 10.6 and 10.7 only.  The binary is available here http://www.macunix.net/JTR/.  I compiled the
binary statically with OpenSSL 1.0.1b2 and noted a 30% increase in the Raw SHA-224, Raw SHA-256, Raw
SHA-384 and Raw SHA-512 hash speeds.

I will post it to the Wiki as well.  Send me any comments or issues.

Thanks, 

Erik

Robert B. Harris | 26 Jan 23:13

Building a statically linked OMP version of JtR 1.7.9 and JtR 1.7.9 jumbo 5 nearly impossible on Solaris x86

John Users,

Sorry this is slightly off topic.

I'm trying to build a statically linked OMP version of JtR 1.7.9 and JtR
1.7.9 jumbo 5 on Solaris x86, but it doesn't work. (So I can put
it on the custom builds wiki page.)

I can build a dynamically linked OMP version of JtR 1.7.9 and JtR 1.7.9
jumbo 5 on Solaris x86 just fine.

I can't even statically link OMP in a simple "Hello World" program on
Solaris.   Solaris makes this difficult, since they don't supply many .a
library files.

Anyone else here familiar with any tricks for Solaris?

It seems libgomp is dependent on librt, and something else.

If someone here can tell me what source code the libgomp.a, librt.a, and the
other dependent library come from, I could try manually compiling those, so
it might work.

Or maybe someone else knows a trick.

So, I did some research and others are having trouble too.

Thanks

-Robert B. Harris

donovan | 25 Jan 07:28

Build an OpenMP in Jumbo 1.7.9-5

Hi All,

Forgive me if this subject was already answered, but I don't see any
refs concerning the Mac OS X version, except the Erik W. threads.

Anyway, here is my question:

I need to compile a new version of "John-Jumbo 1.7.9-5" on OS X Lion.

Actually I run the E.W. version (1.7.8-5) on Snow Leopard on another
Mac with MPI enabled in the Makefile & it's working perfectly... even though
I think I am going to stop using the MPI process (mpirun -np "N")
because I got some crashes & some trouble on Mac with that.

As you know, MPI is now out in OS X Lion, so I need to enable
OpenMP directly...

The question is how to enable it & what is the patch I have to paste
for best performance? (Maybe I misunderstand the principle & maybe,
like I read in the readme files, it is already patched & enabled!?
Does removing both "#" in the Makefile also enable the process?)

Finally & for more info: after trying Erik Winkler's last version
(john/contrib/macosx/john-1.7.8-jumbo-5-macosx-Intel-1) on Mac OS X Snow
Leopard & Lion, it is working faster for me than the latest jumbo one (1.7.9-5),
which is the reason why I ask about what to enable to set up this last version
for best performance.

Thanks a lot in advance for your help,


JTR rules swap vowels

Hi

The following rules change vowels with others (aeiouy)

%3?v op[oaiyeuy] Q %2?v op[aeiou] /?v op[aeiouy]

It works with words with AT LEAST 3 vowels.

I would like this rule to treat only words with exactly 3 vowels (and NOT words with fewer or more: 1, 2, 4, 5
and so on)

Any ideas?

 Thanks,

 W/A/

Martin Månsson | 23 Jan 11:53

Fwd: Filter for partially known passwords.

I figured it out thanks to this post.

http://www.openwall.com/lists/john-users/2008/05/20/2

Martin

Begin forwarded message:

> From: Martin Månsson <martin.mansson@...>
> Subject: Filter for partially known passwords.
> Date: 23 January 2012 10:15:24 CET
> To: john-users@...
> 
> Hi folks,
> 
> I have created a simple filter function that adds a partially known password to word[] to use with any of the modes.
> 
> Let's say the password is 6 characters and I happen to know that the first 2 chars are 'A' and 'B'. The filter will initialize
> 
> word[0] = 'A';
> word[1] = 'B';
> 
> Now I want to use this filter with, let's say, the incremental mode. Setting MinLen = 4 and MaxLen = 4.
> 
> The question (might be a dumb one): how can I tell john to start processing the word from position word[2] and not word[0]? Is there a pre-defined external variable for the position in the word?
> 
> Thanks,
> 

Alex Sicamiotis | 20 Jan 20:54

OpenMP progress report bug with multiple 1 thread instances


I'm running two instances of OpenMP john 1.7.9 (non jumbo) for DES cracking from two different
directories, cracking with different rulesets... I'm using 

export OMP_NUM_THREADS=1 

...for both shells, as I have a dual core cpu and each one is assigned to one instance (priority -10 for the
first and 19 for the second).

Now... 

This is the second instance that I started running a few hours ago

linux-1mo8:/johnrun/49/3 # ./john-openMP-mssse3-fast-core2-icc -restore
Loaded 2507 password hashes with 1862 different salts (Traditional DES [128/128 BS SSE2-16])
Remaining 920 password hashes with 831 different salts
guesses: 0  time: 0:00:09:02 0%  c/s: 2771K  trying: aagg7223 - aagh1318
guesses: 0  time: 0:00:09:07 0%  c/s: 2783K  trying: aagj1799 - aagj5894
guesses: 0  time: 0:00:09:08 0%  c/s: 2786K  trying: aagj5895 - aagj9980
guesses: 0  time: 0:02:29:47 0%  c/s: 3457K  trying: aezw8535 - aezx2620
guesses: 0  time: 0:03:28:00 1%  c/s: 3494K  trying: ahah5927 - ahah9022
guesses: 0  time: 0:03:28:15 1%  c/s: 3494K  trying: ahao1463 - ahao5558
guesses: 0  time: 0:04:25:23 1%  c/s: 3543K  trying: ajbw6423 - ajbw0518

...and this is the first instance, which has been running for two days

linux-1mo8:/johnrun/49/2 # ./john-openMP-mssse3-fast-core2-icc -restore
Loaded 2507 password hashes with 1862 different salts (Traditional DES [128/128 BS SSE2-16])
Remaining 920 password hashes with 831 different salts
guesses: 5  time: 1:19:37:02 15%  c/s: 4083K  trying: kfx13511 - kfx17506
(Continue reading)

Martin Månsson | 20 Jan 15:54

Crack the rest of a password if first half of password is known?

Hi guys,

If I know half the password in plaintext, let's say 8 characters out of 12, is there a way to make JtR crack the 4
remaining characters?

Also, if I know the SAP CODEVN B (max 8 alphanumeric, case-insensitive) password, is there a way to use that to
obtain the SAP CODEVN G (max 40 case-sensitive alnum + special chars) password?

Thanks,

Martin

Lukas Odzioba | 20 Jan 14:01

JtR OpenCL patch

I am happy to announce a new version of the OpenCL patch for John the Ripper.
It is available on the wiki - john-1.7.9-jumbo-5-opencl-4.1.diff.
* Supported formats: ssha-opencl, raw-md5-opencl, nt-opencl,
raw-sha1-opencl, cryptmd5-opencl, phpass-opencl
* -gpu option is added for multi OpenCL device systems, works also for
OpenCL capable CPUs like Intel Sandy Bridge
* faster cryptmd5 and ssha formats

More info about usage is available at the top of this page:
http://openwall.info/wiki/john/GPU

Any comments are welcome.
Lukas

