Kasza Péter | 3 Mar 14:22 2009
Picon

Jumbo patch macosx-x86-64 makefile bug

The genmkvpwd utility cannot be linked with the macosx-x86-64 target,
because the sources are compiled with the default i386 architecture.

To solve this "-m64" needs to be appended to the LDFLAGS_MKV variable.  
Also ld
seems to complain about the "-s" flag being deprecated, and the  
symbols aren't
getting stripped from the compiled executables (this isn't such a big  
issue as
the above mentioned utility builds fine).

Peter Kasza
Attachment (jumbo-makefile.diff.gz): application/x-gzip, 513 bytes

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
rajat swarup | 6 Mar 19:32 2009
Picon

John the ripper on PS3

Has anyone compiled John the ripper on the PS3 using spu-gcc?  I am
getting compilation errors in the tty.c file.  I'll post the follow-up
error messages in a subsequent e-mail by evening.

Thanks and regards,
-- 
Rajat Swarup

http://rajatswarup.blogspot.com/

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.

Ruben Lara | 17 Mar 13:57 2009
Picon

raw-md5 and others commons hashes


Hi all!!

I'm trying to run some differents hashes but my installed john 1.7.3.1 don't support them, i compiled this
http://www.openwall.com/john/g/john-1.7.3.1.tar.gz from sources...

--format=NAME              force hash type NAME: DES/BSDI/MD5/BF/AFS/LM

Have i to install any patch to support raw-md5 or others commons hashes? if previous is true, where can i find
it? 

Thanks in advance
Rubén Lara

_________________________________________________________________
Descubre todas las formas en que puedes estar en contacto con amigos y familiares.
http://www.microsoft.com/windows/windowslive/default.aspx
Ruben Lara | 18 Mar 06:52 2009
Picon

RE: raw-md5 and others commons hashes


I answer myself 

> From: bermejator@...
> To: john-users@...
> Date: Tue, 17 Mar 2009 12:57:51 +0000
> Subject: [john-users] raw-md5 and others commons hashes

> --format=NAME              force hash type NAME: DES/BSDI/MD5/BF/AFS/LM
> 
> Have i to install any patch to support raw-md5 or others commons hashes? if previous is true, where can i
find it? 

http://www.openwall.com/john/contrib/john-1.7.3.1-all-5.diff.gz

--format=NAME              force hash type NAME: DES/BSDI/MD5/BF/AFS/LM/NT/XSHA/PO/raw-MD5/IPB2/raw-sha1/md5a/hmac-md5/KRB5/bfegg/nsldap/ssha/openssha/oracle/MYSQL/mysql-sha1/mscash/lotus5/DOMINOSEC/NETLM/NETNTLM/NETLMv2/NETHALFLM/mssql/mssql05/epi/phps/mysql-fast/pix-md5/sapG/sapB/md5ns/HDAA

Thanks
Rubén Lara

_________________________________________________________________
Descubre todas las formas en que puedes estar en contacto con amigos y familiares.
http://www.microsoft.com/windows/windowslive/default.aspx
Minga Minga | 25 Mar 15:52 2009
Picon

Adding Characters to the end of strings inside of DumbForce?

I am using a 'DumbForce' section of john.conf to brute force ALL possible 6
character passwords, But I want to ADD the string '2008' to the end of each
password generated.

(I want it to try aaaaaa2008 aaaaab2008 aaaaac2008 ... ... ..)

Is there a way to do this in john.conf?

Currently I am doing:

./john -external:DumbForce-AllChars -stdout | sed -e 's/$/2008/g' | ./john
-stdin passwd.txt

Which is very wasteful...

Thanks

-Minga

-----

Here is what "DumbForce-AllChars" looks like (the part that matters)

[List.External:DumbForce-AllChars]
int maxlength;          // Maximum password length to try
int last;               // Last character position, zero-based
int lastid;             // Character index in the last position
int id[0x7f];           // Current character indices for other positions
int charset[0x100], c0; // Character set

(Continue reading)

Solar Designer | 26 Mar 04:21 2009

Re: Adding Characters to the end of strings inside of DumbForce?

On Wed, Mar 25, 2009 at 09:52:53AM -0500, Minga Minga wrote:
> I am using a 'DumbForce' section of john.conf to brute force ALL possible 6
> character passwords,

Why not just use an "incremental" mode such as? -

[Incremental:All6]
File = $JOHN/all.chr
MinLen = 6
MaxLen = 6
CharCount = 95

That would be more efficient.

> But I want to ADD the string '2008' to the end of each
> password generated.
> 
> (I want it to try aaaaaa2008 aaaaab2008 aaaaac2008 ... ... ..)
> 
> Is there a way to do this in john.conf?

Yes.  The most efficient and easiest way to do it is with the All6
"incremental" mode defined above, in combination with:

[List.External:6plus2008]
void init()
{
	word[10] = 0;
}

(Continue reading)

Minga Minga | 26 Mar 20:47 2009
Picon

--make-charset against a File with LANMAN and NTLM Passes?

I've been using JtR alot recently - and have lots of questions / new rules
to push out the group. I am just going to keep asking questions until
someone tells me to shut up ;)

I am attempting to make a new charset based on the output from
PWDUMP/FGDUMP. The file contains approx. 50000 accounts, 7000 of which have
LANMAN and 43000 of which are NTLM only.

When I run:

john --make-charset=mingakore.chr pwdump.txt

It only uses the cracked lanman hashes to create the mingakore.chr file -
and not the NTLM ones.

Is there a way to make --make-charset use the NTLM and ignore the LANMAN
hashes? I've tried removing the LANMAN hashes from the input file to no
avail.

-Minga

(P.S. thanks for the previous "2008" bruteforce help)
Solar Designer | 27 Mar 02:44 2009

Re: --make-charset against a File with LANMAN and NTLM Passes?

On Thu, Mar 26, 2009 at 02:47:58PM -0500, Minga Minga wrote:
> I am attempting to make a new charset based on the output from
> PWDUMP/FGDUMP. The file contains approx. 50000 accounts, 7000 of which have
> LANMAN and 43000 of which are NTLM only.
> 
> When I run:
> 
> john --make-charset=mingakore.chr pwdump.txt
> 
> It only uses the cracked lanman hashes to create the mingakore.chr file -
> and not the NTLM ones.

Yes, indeed.  That's because by supplying the password file (pwdump.txt)
you're asking JtR to filter the john.pot contents making use of only
hashes found in that password file, and JtR tends to only auto-detect LM
hashes in the file.

> Is there a way to make --make-charset use the NTLM and ignore the LANMAN
> hashes? I've tried removing the LANMAN hashes from the input file to no
> avail.

If your build of JtR supports NTLM, then try adding "--format=nt" to the
above command.

If your build of JtR doesn't support NTLM or/and you don't mind JtR
picking up all hashes at once (not just NTLM and not just those from the
specific password file), then simply omit the password file name - keep
"--make-charset=..." as the only command-line option you pass.

Please let the list know which of these approaches (or another one) you
(Continue reading)

Minga Minga | 27 Mar 18:34 2009
Picon

Re: --make-charset against a File with LANMAN and NTLM Passes?

>
> If your build of JtR supports NTLM, then try adding "--format=nt" to the
> above command.
>

Tried that first. Doesn't work.

./john --make-chars:adsfdsaf.chr --format:nt pwdump.txt
Invalid options combination or duplicate option: "--format:nt"

> If your build of JtR doesn't support NTLM or/and you don't mind JtR
> picking up all hashes at once (not just NTLM and not just those from the
> specific password file), then simply omit the password file name - keep
> "--make-charset=..." as the only command-line option you pass.
>

I was trying to create a custom CHR for just this one pwdump input file. My
john.pot file contains almost 2 million entries of which only 35000 are for
my input file. I was hoping to create a .CHR that eliminates special
characters that are "never" used by the people on this domain. In an effort
to speed up brute forcing. I can do it manually obviously though.

> Please let the list know which of these approaches (or another one) you
> ended up using, and whether it worked.
>

Neither. I can make a list of characters that are NOT used in any of my
passwords I have cracked so far - and make those be SKIPPED in the DumbForce
method. Not sure if that is really worth it to me at this point, but it
should work. It appears that DumbForce is faster than  using --external AND
(Continue reading)

Minga Minga | 27 Mar 18:52 2009
Picon

New john.conf rules (Part 1 of 9999)

All,

I've been working on writing my own john.conf rules recently in an effort to
reverse engineer certain company's password policies. I have been able to
decipher many of the "tricks" that their users use, and write john.conf
rules specificially to abuse their idea of a 'safe' password.

I'm sure there are already john.conf rules that tackle some of these - but
having specific rules really helped me to crack as many passwords as
possible. Im also "new" at writing john.conf - so Im sure some of them
aren't done the "best' way and could be minimized. But I like having them in
a readable and easier to understand format.

The thing I really like about these rules - is that the dictionary file I
use can be "small" - contains 4-5 characters MAX - and it will cracked 8-10
character passwords easily.

Ill try to post more and more rules each week. Ill also try to explain each
entry below via comments. Please post your custom john.conf rules too!

[List.Rules:Wordlist]
:
# KoreLogic - prepends 2008 (and variations) to the beginning of each word.
# This cracks passwords such as 2008Sep! 2008Sep$ 2008Sep* 2008Sep. 2008Sept
i[0][2]i[1][0]i[2][0]i[3][0123456789]

# KoreLogic - Capitalize pure alphabetic words and PREPENDS 2000,2001 up to
2009
# This is ONLY really useful if your dictionary is all lower case - and you
KNOW your users
(Continue reading)


Gmane