|
Software you can find here (what's new?):
|
|
August 22, 2017
php_mt_seed
3.3 and
4.0
extend the range of supported SIMD instruction sets to be from SSE2 to AVX-512 (was SSE4.1 to AVX2/MIC),
and the range of supported PHP versions to be from 3.0.7 to 7.1.x+ (was 5.2.1 to 7.0.x).
Also featuring rewritten documentation.
May 7, 2017
phpass 0.5
is out, providing PHP 7 friendliness and other minor cleanups.
More news
|
Openwall software releases and other related files are also available from the
Openwall file archive and its
mirrors.
You are encouraged to use the mirrors, but be sure to verify the
signatures on software you download.
The more experienced users and software developers may use our
CVSweb server
to browse through the source code for most pieces of Openwall software
along with revision history information for each source file.
We publish articles,
make presentations, and
offer professional services.
We also maintain a
wordlists collection
for use with password crackers such as
John the Ripper
and with password recovery utilities.
Finally, we host community resources such as
mailing lists and
wiki
for users of Openwall software
and for other Open Source and computer security folks.
If you would like to be notified of updates to this website and the packages
hosted here, please subscribe to the announcement mailing list
by entering your e-mail address below or by sending an empty message to
<announce-subscribe at lists.openwall.com>.
You will be required to confirm your subscription by "replying"
to the automated confirmation request that will be sent to you.
You will be able to unsubscribe at any time and we will not use your e-mail
address for any other purpose or share it with a third party.
The list traffic is very low (typically 1 to 5 messages a month).
You may review past announcements here.
You may also
follow us on Twitter.
August 22, 2017
php_mt_seed 4.0
is out,
extending the range of supported PHP versions to include 7.1.0 and above (to current latest and hopefully beyond)
as well as 5.2.0 and below (all the way back to 3.0.7).
Previously, the range was from 5.2.1 to 7.0.x.
Also featuring
rewritten documentation.
August 6, 2017
php_mt_seed 3.3
is out,
extending the range of supported SIMD instruction sets to include SSE2 and AVX-512
(previously, the range was from SSE4.1 to AVX2 and MIC).
May 7, 2017
phpass 0.5
is out, providing PHP 7 friendliness and other minor cleanups.
August 25, 2016
New
Openwall GNU/*/Linux
ISO images and OpenVZ container templates
are out.
The updates since last summer are minor, and are mostly limited to bug
and security fixes.
July 22, 2016
A new version of our password/passphrase strength checking and enforcement
tool set,
passwdqc 1.3.1, is out,
fixing a bug with the rarely-used "non-unix" option of pam_passwdqc.
Bindings, ports, and third-party reimplementations of functionality from
passwdqc for/in Go, JavaScript, Perl, PHP, Python, and Ruby are now listed
among passwdqc contributed resources.
We've just released passwdqc for Windows.
March 5, 2016
We're introducing
OVE IDs, an alternative to CVE.
October 14, 2015
HPC Village
has recently been
updated to
include an NVIDIA GTX Titan X, the largest GPU card based on NVIDIA's latest
Maxwell architecture, due to sponsorship by
Sagitta HPC.
This is an opportunity for HPC (High Performance Computing) hobbyists
alike to program for a heterogeneous HPC platform. Participants are provided
with remote access to a server with multi-core CPUs and HPC accelerator cards
of different kinds - Intel MIC (Xeon Phi), AMD GPU, NVIDIA GPU. With the recent
update, there are two generations of GPU architectures available in the same
machine for each of AMD and NVIDIA. Some other hardware is also available in
additional machines. Eligible for HPC Village are Open Source software
developers and
ZeroNights 2015 attendees.
Please refer to the
HPC Village project web page
for a lot more detail, including for information on how to apply for an account.
August 2, 2015
New
Openwall GNU/*/Linux
ISO images and OpenVZ container templates
are out,
incorporating packages with security fixes accumulated since the previous
set of ISOs was generated in January.
Most notably, these include fixes for Linux kernel I/O vector array overrun
(CVE-2015-1805) and OpenVZ container escape (CVE-2015-2925), glibc GHOST
(CVE-2015-0235), OpenSSL FREAK (CVE-2015-0204), and BIND TKEY query DoS
(CVE-2015-5477).
November 28, 2014
Solar Designer's ZeroNights 2014 presentation non-slides (actually, a game)
entitled "Is infosec a game?" are now
available online.
August 31, 2014
Our Passwords^14, Skytalks, and WOOT '14 presentation slides
are now available online:
Energy-efficient bcrypt cracking by Katja Malvoni, Solar Designer, and Josip Knezovic.
This reflects progress made at this research project since we presented it last year.
November 4, 2013
We've just
turned our
php_mt_seed PHP mt_rand() seed cracker
from a proof-of-concept into a maintained project with its own homepage.
Changes implemented in October include AVX2 and Intel MIC (Xeon Phi) support,
as well as support for advanced invocation modes, which allow matching of
multiple, non-first, and/or inexact mt_rand() outputs to possible seed values.
October 25, 2013
HPC Village is our new project,
initially setup as a creative way to indirectly sponsor the upcoming
ZeroNights 2013 convention in
Moscow, Russia.
This is an opportunity for HPC (High Performance Computing) hobbyists alike to
program for a heterogeneous HPC platform. Participants are provided
with remote access to a server with multi-core CPUs and HPC accelerator cards
of different kinds - Intel MIC (Xeon Phi), AMD GPU, NVIDIA GPU.
Please refer to the
HPC Village project web page
for a lot more detail, including for information on how to apply for an account.
April 24, 2013
A new version of our password/passphrase strength checking and enforcement
tool set,
passwdqc 1.3.0, is out.
News archive (since 2001)
