headers
Erik Winkler | 1 Jul 2008 22:19
Picon

Re: raw-md5 module improvement


On Jun 12, 2008, at 12:41 PM, Bucsay Balázs wrote:

> Hello!
>
> I had some time, so i took a look at the john's raw-md5 module and  
> made some improvements. I sent it to my friends to test it, and  
> makes some reports. It was everywhere faster than the old one.
> I hope so, it hasnt any bugs, i didnt found anyone of it, so please  
> try it.
> (the patch is only for the pure 1.7.2, if you use anything else in  
> that, you might have to patch the patch :) )
>
> URL:
> http://www.rycon.hu/tools/john-1.7.2_rawMD5_fast.patch

Fails to compile on big endian machines with the following error.   
Something to do with the endian swap I am guessing.

md5_eq.c: In function ‘MD5_Go_eq’:
md5_eq.c:306: error: invalid operands to binary <<
md5_eq.c:307: error: invalid operands to binary >>
md5_eq.c:308: error: invalid operands to binary <<
md5_eq.c:309: error: invalid operands to binary >>

Erik
--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
(Continue reading)

Permalink | Reply | 4 comments |
headers
Solar Designer | 2 Jul 2008 04:30
Favicon

Re: Password encryption question

On Mon, Jun 30, 2008 at 01:01:50PM +0200, John wrote:
> We would like to find out the password encryption/mangling routine for a 
> legacy Windows app for which we would like to port the users to Linux.

This is mostly off-topic for this mailing list.  It has nothing to do
with John the Ripper, or even with its possible enhancements, because
this is password mangling rather than password hashing.

However, I've approved the posting this one time because it serves to
illustrate how some server programs actually store users' passwords in
an easily reversible form.

> # Account name, Plaintext, Password1, Password2
> a0000000001,as,aeg=,0wca0
> a0000000002,aaa,aWpq,0wca3vg==
> a0000000003,aaerially,b2pO4SFqD4+x,0wca3/mJtHm6Vig==
...
> a0000000033,abaissed,a3Fqou/oTsc=,0xMOmr0J1BUAn

These strings are a result of base64 encoding of some data, although in
Password2 ones there's an extra character prepended to the encodings.
I've tried decoding them, which produces N bytes for Password1 and N+1
bytes for Password2 (I've been omitting the leading "0" prior to the
decoding), where N matches the plaintext password length.  In order to
figure out how to convert those decoded byte sequences back into the
plaintext passwords, I suggest that you use one or both of the following
approaches:

1. Use specially-crafted plaintext passwords to have the program reveal
its obfuscation method more obviously.  For example, you could set
(Continue reading)

Permalink | Reply | 0 comments |
headers
madfran | 4 Jul 2008 08:42

Re: patch for SAP-passwords (BCODE & PASSCODE)

Hi,

I am trying to link the patch for SAP, but with no succes :-(

>Hello everyone,
>

>This patch was tested on linux/x86 only and we're quite sure it
>won't work on any other architecture w/o modifications. Sorry for
>that ;-) But: feel free to adjust/port/modify the code! Hints about
>adjustments to be made are welcome :-) 

My configuration is cygwin under Windows XP.
Attached the relevant output when I try to link.

Any idea?

*************************************************************************
$ make clean win32-cygwin-x86-sse2
.
.
gcc -c -DUNDERSCORES x86.S
gcc -c -DUNDERSCORES x86-sse.S
gcc DES_fmt.o DES_std.o DES_bs.o BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o 
BF_std.
o AFS_fmt.o LM_fmt.o batch.o bench.o charset.o common.o compiler.o config.o 
crac
ker.o crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o 
loader.o
logger.o math.o memory.o misc.o options.o params.o path.o recovery.o rpp.o
(Continue reading)

Permalink | Reply | 0 comments |
headers
Solar Designer | 7 Jul 2008 00:06
Favicon

Re: wiki page on parallelization

On Fri, Jun 20, 2008 at 02:45:47PM -0600, RB wrote:
> Oi, I hadn't linked it yet since it's still a bit raw.  Regardless, thanks!

It's fine for wiki pages to be "a bit raw".  Everyone understands that
wiki content is always "under construction".

> I plan on breaking it out more into subtypes and some
> implementation-specific procedures, I just got sidetracked chasing
> some other bits this week.
> 
> rants/fixes/addendums appreciated, fanmail to /dev/null... ;)

Well, I noticed that you've since updated the page to include "simple
approaches" as well (those where one splits the workload explicitly),
and I've just corrected a few errors/misunderstandings I spotted.
You (and others) could want to subscribe to changes of this wiki page -
just click the "Subscribe Changes" button that appears at the bottom of
the page when you're logged in to the wiki.  Obviously, this works for
other wiki pages, too.

Just to remind, the URL to this page is:

	http://openwall.info/wiki/john/parallelization

Thanks again,

Alexander

--

-- 
To unsubscribe, e-mail
(Continue reading)

Permalink | Reply | 7 comments |
headers
RB | 7 Jul 2008 20:46
Picon

Re: wiki page on parallelization

> It's fine for wiki pages to be "a bit raw".  Everyone understands that
>  wiki content is always "under construction".

Many thanks for the fixes; I'd blame the spelling issues on late-night
typing, but some of those were too horrific to do much more than fall
on a sword for.  Figuratively, of course. :\

> Well, I noticed that you've since updated the page to include "simple
>  approaches" as well (those where one splits the workload explicitly),
>  and I've just corrected a few errors/misunderstandings I spotted.

Indeed, and I hope to finish out the "Extended efforts" section this
week, hopefully with a bit more clarity.  Would you mind considering
adding a DocuWiki plugin like 'comment' that would allow for adding a
TODO list in the source without cluttering the displayed page?

Also, on the --external:Parallel section, I was curious about your
change to the non-even split; if each instance takes every Nth
candidate as the code seems to indicate, how is that uneven?
Obviously the point of termination will cause some candidates not to
be tried, but would you mind clarifying?

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 6 comments |
headers
Solar Designer | 7 Jul 2008 21:42
Favicon

wiki updates (was: wiki page on parallelization)

On Mon, Jul 07, 2008 at 12:46:51PM -0600, RB wrote:
> Indeed, and I hope to finish out the "Extended efforts" section this
> week, hopefully with a bit more clarity.

Great.

> Would you mind considering
> adding a DocuWiki plugin like 'comment' that would allow for adding a
> TODO list in the source without cluttering the displayed page?

(GalaxyMaster), our wiki guru, is the one to comment on this.  He's not
on this list right now, but I'll ask him to comment nevertheless.

> Also, on the --external:Parallel section, I was curious about your
> change to the non-even split; ...

You must be misreading the page.

BTW, another recently updated page is the one with benchmarks:

	http://openwall.info/wiki/john/benchmarks

I've included some benchmarks for recent development versions
(post-1.7.2), which add x86-64 support under Mac OS X and Solaris,
as well as computation of two Blowfish-based (bcrypt) hashes in
parallel on non-register-starved architectures (so x86-64 builds are now
a lot faster for this hash type as well).

Everyone is welcome to add their benchmark results to the table.  Please
make sure to run the benchmarks on an otherwise idle system (the real
(Continue reading)

Permalink | Reply | 4 comments |
headers
RB | 7 Jul 2008 22:44
Picon

Re: wiki updates (was: wiki page on parallelization)

>  > Also, on the --external:Parallel section, I was curious about your
>  > change to the non-even split; ...
>
>  You must be misreading the page.

Indeed I was; reading the diff from your first change to current gave
me that misunderstanding, due to the re-order of that section.

>  BTW, another recently updated page is the one with benchmarks:
>
>         http://openwall.info/wiki/john/benchmarks
>
<snip>

Looks great!  Do I presume correctly that you would prefer only
significantly different results, or is a simple "be reasonable" in
order?  For example, a quick and dirty test shows gcc-4.1.2 on Linux
doesn't provide what I would think are notably different results on a
P-III 1 GHz.  Would you rather add those in due to the major compiler
revision difference (and potentially forestall questions) or just
leave them off since they're not much different?

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 1 comment |
headers
(GalaxyMaster | 7 Jul 2008 22:53
Favicon

Re: additional wiki plugins (Was: wiki page on parallelization)

Hi,

On Mon, Jul 07, 2008 at 12:46:51PM -0600, RB wrote:

> week, hopefully with a bit more clarity.  Would you mind considering
> adding a DocuWiki plugin like 'comment' that would allow for adding a
> TODO list in the source without cluttering the displayed page?

I'm going to install the 'comment' and 'non-breaking' space plugins.
Will announce when it's ready.

I'm not subscribed to this list, so if you want to reply to this message
keep me in CC.

-- 
(GM)

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 0 comments |
headers
(GalaxyMaster | 8 Jul 2008 00:05
Favicon

Re: wiki updates

Hi,

I've installed the following plugins: comment and nbsp.  The former
allows to incorporate comments into Wiki source by enclosing comments
into '/*' and '*/' tags (without quotes), while the latter provides a
functionality to introduce a non-breaking space character by using '\ '
(backslash + space).

On Mon, Jul 07, 2008 at 11:42:14PM +0400, Solar Designer wrote:

> > Would you mind considering
> > adding a DocuWiki plugin like 'comment' that would allow for adding a
> > TODO list in the source without cluttering the displayed page?
> 
> (GalaxyMaster), our wiki guru, is the one to comment on this.  He's not
> on this list right now, but I'll ask him to comment nevertheless.

-- 
(GM)

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 1 comment |
headers
(GalaxyMaster | 8 Jul 2008 00:10
Favicon

Re: wiki updates

On Tue, Jul 08, 2008 at 02:05:04AM +0400, (GalaxyMaster) wrote:

> functionality to introduce a non-breaking space character by using '\ '
> (backslash + space).

A correction: nbsp could be inserted by '\\ ' (double backslash + space).

-- 
(GM)

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 0 comments |

Gmane