Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20100615051922.GA8882@openwall.com>
Date: Tue, 15 Jun 2010 09:19:22 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: 1.7.6-jumbo-2

Hi,

I've updated the jumbo patch to John the Ripper 1.7.6.  I started with a
mere update to the new version, resulting in john-1.7.6-jumbo-1.  This
revision of the patch was shortly moved to historical/ (where it can be
found now), replaced by 1.7.6-jumbo-2.

http://www.openwall.com/john/#contrib
http://download.openwall.net/pub/projects/john/contrib/historical/

1.7.6-jumbo-2 integrates jmk's john-1.7.5-jumbo-3-netv2-fix.diff from:

http://www.openwall.com/lists/john-users/2010/05/14/1

It also fixes a number of other issues with contributed code that I had
integrated previously.  Specifically, "make generic" should work again
(it does for me), which was broken with JimF's changes.  Also, I've
changed the default for --fix-state-delay to be 0 (disabling this
optimization), because a higher default resulted in an interrupted and
restored session re-doing a lot of work (even if interrupted cleanly!)
when cracking slow and salted hashes.  Those of you cracking raw MD5
hashes and the like with large wordlists may specify this option with a
non-zero argument explicitly (the old default was 64).

Besides the fixes, I've integrated the following old contributions:
john-1.6.krb4.patch-3.gz, john-1.6.skey.patch-1.gz (these two were
contributed in 1999-2000 by Dug Song), john-1.7-digestmd5-1.diff.gz
(contributed in 2006 by regenrecht), and Perl scripts from
john-1.6-nsldaps4.diff.gz (the C code from this patch was already
integrated).

The Kerberos v4 TGT module, after my updates for compatibility with
OpenSSL 0.9.7+, should be actually functional - at least it builds
cleanly and the tests pass.  Also, the tgtsnarf program gets built just
fine.  I imagine that it'll fail to build on some of the systems
otherwise supported by JtR, though, because it is the only one in JtR
that makes use of sockets.

The S/Key module, as integrated, is completely untested.  To enable it,
add/uncomment -DHAVE_SKEY and -lskey in the Makefile, then build and
test on a system with the S/Key library (perhaps a *BSD).

The DIGEST-MD5 authentication module is poorly implemented, but I
decided to integrate everything that I could anyway, so it finally got
in.  It requires that the authentication data to attack be specified
right in DMD5_fmt.c at compile-time.  This module specifies no tests,
hence it is excluded from the benchmarks/testing by default (and it
fails the test with "no data" if forced).

As usual, any feedback is welcome.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.