
Openwall Project
bringing security into open environments

Software you can find here:

Openwall software releases and other related files are also available from the Openwall file archive and its mirrors. You are encouraged to use the mirrors, but be sure to verify the signatures on software you download.

The more experienced users and software developers may use our CVSweb server to browse through the source code for most pieces of Openwall software along with revision history information for each source file.

We publish articles, make presentations, offer professional services, and accept donations.

We also maintain a wordlists collection for use with password crackers such as John the Ripper and with password recovery utilities, and a collection of pointers to password recovery resources on the Net.

Finally, we host community resources such as mailing lists and wiki for users of Openwall software and for other Open Source and computer security folks.

If you would like to be notified of updates to this website and the packages hosted here, you can subscribe to the announcement mailing list by sending an empty message to <announce-subscribe at lists.openwall.com> or entering your e-mail address below. You will be required to confirm your subscription by "replying" to the automated confirmation request that will be sent to you. You will be able to unsubscribe at any time and we will not use your e-mail address for any other purposes or share it with a third party. The list traffic is very low (1-2 messages a month). You may review past announcements here.


You may also follow us on Twitter.

September 3, 2010
There's a new snapshot of Owl-current available on our FTP mirrors. Besides the full source code, this includes pre-built packages, ISOs, and OpenVZ container templates for i686 and x86-64. As usual, there are also direct download links to the ISOs on the Owl homepage.

In this snapshot, the kernel has been updated to OpenVZ's latest from their "RHEL5 testing" branch (2.6.18-194.11.3.el5.028stab071.3) with minor additional changes. CD bootup and the installer have been improved some further. The e2fsprogs, diffutils, bison, man-pages, man, diffstat, gawk, cdrkit, iptables, sed, grep, ltrace, hdparm, mktemp, vsftpd, acct, file, and m4 packages have been updated to new upstream versions. Assorted minor improvements have been made and/or bugfixes applied to several other packages. Please refer to the Owl-current change log for more information on some of these changes.

August 22, 2010
The jumbo patch for John the Ripper is now up to revision 1.7.6-jumbo-7 adding MSCHAPv2, several external modes, bugfixes, and license updates.

August 7, 2010
The July 29 snapshot of Owl-current (announced below) is now available for purchase on CD (both 32- and 64-bit).

July 30, 2010
New ISO images and pre-created OpenVZ container templates of Owl-current for i686 and x86-64 are available on our FTP mirrors. The ISOs are also available via direct download links on the Owl homepage. We have once again updated Owl to use OpenVZ's latest kernel from their "rhel5" branch, and we've switched to using RPM-packaged kernels, but in a way allowing for easy non-packaged builds as well. At the same time, we've introduced support for the ext4 filesystem (in fact, it is now offered by default for new installs), and we've improved CD bootup and the installer ("settle") in numerous ways. The packages of passwdqc, strace, lftp, tcb, JtR, and Postfix have been updated to new versions, and changes have been made to several other packages. Please refer to the Owl-current change log for more information on some of the changes.

July 27, 2010
Examples of how to crack SMTP's AUTH CRAM-MD5 and LM and NTLM challenge/response exchanges have been posted to the john-users mailing list. The jumbo patch is now up to revision 1.7.6-jumbo-6 (adding some bugfixes).

Petur Ingi Egilsson wrote a step-by-step guide entitled John the Ripper on a Ubuntu 10.04 MPI Cluster.

July 24, 2010
We've set up a web page with recommended computer security books (and more).

July 13, 2010
A short and very easy to follow article on introducing phpass password hashing into an existing PHP application has been published on the UE Developer website.

July 5, 2010
John the Ripper 1.7.6, originally released as a development version because of the extent of the changes made, has been re-labeled the new stable version. There hasn't been a single bug report against this version since it was released over two weeks ago, while people have successfully built, run, and in some cases packaged it on a variety of operating systems.

Steven M. Christensen of Sunfreeware has produced packages of JtR 1.7.6 for many versions of Solaris, both SPARC and x86, including both 32-bit and 64-bit builds.

GI John - Grid implemented John the Ripper, a curious non-Openwall project - has been updated to build upon JtR 1.7.6-jumbo-3.

July 4, 2010
John the Ripper gets a new bitslice DES key setup algorithm, currently implemented as a patch usable on x86-64 and x86 with SSE2. With this, it achieves a whopping 356 million LM hash computations per second on a dual quad-core Xeon system (with multiple simultaneous processes), as well as 15M c/s at DES-based crypt(3) for the single-salt case or 20M+ c/s with multiple salts (with a single multi-threaded process).

July 1, 2010
It is now possible to get a recent Openwall GNU/*/Linux -current snapshot on CD - 32-bit and/or 64-bit (your choice). Previously, only the last release was available for purchase on CD.

June 30, 2010
There's a new revision of the bitslice DES parallelization patch for John the Ripper, and new benchmarks - now over 20M c/s at traditional DES-based crypt(3) on a dual quad-core Xeon, and over 10M c/s on a Core i7 (single quad-core CPU).

June 28, 2010
John the Ripper's bitslice DES implementation is being parallelized with OpenMP directives - there's a draft patch and benchmark results - up to 17.5M c/s for traditional DES-based crypt(3).

June 23, 2010
passwdqc 1.2.2 has been released. This version makes minor Makefile updates to make the "install" and "uninstall" targets with their default settings friendlier to Solaris systems. At the same time, a wiki page with detailed Solaris-specific instructions on passwdqc has been created.

A Python package re-implementing some algorithms from passwdqc has been created by Alastair Houghton. It is found on the passwdqc contributed resources list.

Detailed tutorials on cracking/auditing SHA-crypt hashed user passwords on recent Ubuntu, Fedora, and Solaris 10 systems have been posted to the john-users mailing list, separately for Linux (using Fedora 12 as the specific example) and for Solaris 10. These include optional OpenMP parallelization instructions and examples (to use multiple CPUs and/or CPU cores).

The jumbo patch for John the Ripper has been updated further to revision 1.7.6-jumbo-3, and the MPI parallelization patch has been updated to apply on top of this revision.

June 15, 2010
The jumbo patch has been updated to John the Ripper 1.7.6, and additionally updated with fixes for previously-integrated contributions and with additional modules. The current revision is 1.7.6-jumbo-2.

We've set up a collection of papers, source code, etc. related to bitslice implementations of DES (focusing on the S-boxes).

June 14, 2010
John the Ripper version 1.7.6 is out. This is a development version adding generic crypt(3) support (e.g., to be used for SHA-crypt and SunMD5 hashes), optional partial parallelization with OpenMP (of the new generic crypt(3) code on Linux and Solaris and of John's optimized code for the OpenBSD-style Blowfish-based crypt(3) hashes), more optimal DES S-box expressions for PowerPC with AltiVec, as well as making minor usability improvements and reworking the bitslice DES C source code. Please refer to the change log and the john-users announcement for more detail.

June 13, 2010
The tcb suite, implementing our alternative password shadowing scheme on Owl (and reused by a number of other systems), has been updated to version 1.0.6. The only change since version 1.0.5 is removal of a faulty check for sparse files. This change was needed for compatibility with modern filesystems such as btrfs.

June 6, 2010
"How to manage a PHP application's users and passwords" has been republished on the Openwall website. At the same time, three old Openwall security advisories have been updated to focus on currently relevant aspects and turned into articles.

May 27, 2010
Solar Designer's article entitled "How to manage a PHP application's users and passwords" has been published on the Month of PHP Security website. "In this article/tutorial, I will guide you through the steps needed to introduce proper (in my opinion at least) user/password management into a new PHP application. I will start by briefly explaining password/passphrase hashing and how to access the database safely. Then we will proceed through several revisions of the sample program. We'll start with a very simple PHP program capable of creating new users only and having some subtle issues. We will gradually improve this program adding functionality (logging in to existing user accounts, changing user passwords, and enforcing a password policy) and "discovering" and dealing with the issues. We will also briefly touch many related topics."

John the Ripper's implementation of OpenBSD-style Blowfish-based crypt(3) hashes is being parallelized with OpenMP (which is readily available with recent C compilers, including gcc). This is expected to be made official with the next development release. Meanwhile, there's a patch on the wiki, and here are benchmarks on 8-way x86-64 systems (Core i7 and dual quad-core Xeon) and a 32-way UltraSPARC T2 (quad-core, 8 threads per core).

April 25, 2010
The jumbo patch for John the Ripper 1.7.5 has been updated to revision 3. Most notably, this adds documentation on LM/NTLM challenge/response authentication cracking (doc/NETNTLM_README), improves the netntlm.pl script, and adds the "--config" option. These changes have been contributed by JoMo-Kun.

April 22, 2010
There's a new revision of our PHP password hashing framework - phpass 0.3. This revision no longer requires the getmypid() PHP function (which a few shared hosting providers disable) and it supports the "$H$" hash encoding prefix (as used by phpBB3). Also, the size of an array in the C reimplementation, which is unused by the framework itself, has been corrected (thanks to Christian von Schultz for reporting the bug).

April 6, 2010
Rixler Software's password recovery products for Word, Excel, and some other Microsoft Office documents have been added to Openwall's collection of password recovery resources. These new products use an innovative approach where the 40-bit encryption key gets cracked within seconds by Rixler's specialized server, yet the actual "document" is not "revealed" to the server (only some technical information is sent to the server).

ElcomSoft's Microsoft SQL Server password change/reset and WiFi WPA/WPA2-PSK password security auditing products have also been added to the collection.

March 29, 2010
Solar Designer has published a couple of enhanced challenge/response authentication algorithms. Please feel free to reuse these.

March 27, 2010
passwdqc 1.2.1 is out. In this version, a password strength check has been adjusted to no longer subject certain passwords that start with a digit and/or end with a capital letter to an unintentionally stricter policy.

March 23, 2010
Today's ISO images and pre-created OpenVZ container templates of Owl-current for x86 and x86-64 are currently propagating to our FTP mirrors. The ISOs are also available via direct download links on the Owl homepage. We have updated Owl to use OpenVZ's latest kernel from their "rhel5" branch, with RHEL5 patches further updated from Red Hat's latest stable kernel and with some minor changes of our own. The packages of gzip, VIM, tcb, JtR, tcsh, quota, passwdqc, libnids, pciutils, hdparm, and tar have been updated to new versions or patchlevels, and changes have been made to several other packages. Please refer to the Owl-current change log for more information on some of the changes.

March 16, 2010
Version 1.2.0 of passwdqc, our proactive password/passphrase strength checking and policy enforcement toolset, is out. The pwqcheck program is now directly usable by OpenBSD, and it is able to check multiple passwords/passphrases at once (e.g., for policy testing on large password/passphrase lists). The random passphrases offered by pam_passwdqc, pwqgen, as well as by the passwdqc_random() function in libpasswdqc, will now encode more entropy per separator character and per word, increasing their default size from 42 to 47 bits. Substring matching will now partially discount rather than fully remove weak substrings, support leetspeak, and detect some common sequences of characters (sequential digits, letters in alphabetical order, adjacent keys on a keyboard). The passphrase strength checking code will now detect and allow passphrases with non-ASCII (8-bit) characters in the words. A number of optimizations have been made resulting in significant speedup of passwdqc_check() on real-world passwords. RPM packages can now be built out of the distribution tarballs.

We've set up a web page with screenshots demonstrating the uses and setup of passwdqc on Openwall GNU/*/Linux, as well as a wiki page with password strength policy considerations aimed at systems administrators deploying and configuring passwdqc.

We have also set up the passwdqc-users mailing list. Please use it to share your experience with passwdqc and ask questions. The subscription instructions are found right on the passwdqc homepage.

Social bookmarking buttons have been added to most pages on the Openwall website, as well as on the Wiki. Please use these to add your favorite Openwall web pages to your favorite social websites.

March 11, 2010
We've set up the Openwall file archive - a locally-hosted web-based archive with current and old revisions of Openwall software releases, user contributions, and other related files. Previously, this content was only available via FTP locally and from the mirrors.

New community wiki pages have been created on topics related to John the Ripper password cracker: How to retrieve and audit password hashes from remote Linux servers and Sample password hash encoding strings.

magnum has contributed a new MPI patch for John the Ripper, which supports parallelization of cracking modes other than "incremental". Older MPI patches were limited to just the "incremental" mode.

March 2, 2010
Erik Winkler has contributed Win32 and Mac OS X builds of John the Ripper 1.7.5 with revision 1 of the jumbo patch, which are now found on the contributed resources list for JtR.

The jumbo patch for JtR 1.7.5 has been updated to revision 2.

A wiki page on passwdqc (our password/passphrase strength checking and policy enforcement toolset) has been set up with pointers to user-created OS-specific instructions and packages of passwdqc.

February 26, 2010
John the Ripper version 1.7.5 is out, along with its corresponding jumbo patch update. This is yet another development version. There was no specific focus for this update, so a variety of minor enhancements were implemented (mostly in response to requests made, questions asked, and issues raised on the john-users mailing list lately).

February 25, 2010
The tcb suite has been updated further to version 1.0.5. The primary change since version 1.0.4 is the reduction of the .data section size and thus of on-disk size of some components by 256 KB when tcb is compiled against Linux 2.6 kernel headers.

February 24, 2010
There's a minor update of crypt_blowfish (version 1.0.4), our public domain password hashing framework for C/C++. In this version, the check for unsupported iteration counts has been corrected to reject certain iteration counts that would previously be misinterpreted. Also, section .note.GNU-stack has been added to the x86 assembly file to avoid the stack area unnecessarily being made executable on Linux systems that use this convention.
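The kind of setting-string check this entry refers to, as an added illustration and not crypt_blowfish's own code: a bcrypt setting has the form "$2a$NN$" followed by a 22-character salt, and NN must be exactly two ASCII digits in the supported range 4..31 (the key schedule runs 2^NN times). The strict parser below rejects anything else; the per-digit variant is a constructed example of how a looser check can accept a cost it cannot actually support.

```c
#include <string.h>

/* Characters of the bcrypt base64 alphabet used for the salt. */
static int is_bcrypt64(char c)
{
    return c == '.' || c == '/' ||
           (c >= 'A' && c <= 'Z') ||
           (c >= 'a' && c <= 'z') ||
           (c >= '0' && c <= '9');
}

/* Strict parse of "$2a$NN$<22-char salt>". Returns the cost (4..31),
 * or -1 if the string is malformed or the cost is unsupported.
 * Constructed example, not the crypt_blowfish implementation. */
int bcrypt_setting_cost(const char *setting)
{
    int cost, i;

    if (!setting || strncmp(setting, "$2a$", 4) != 0)
        return -1;
    /* Exactly two digits, then the '$' that terminates the cost field. */
    if (setting[4] < '0' || setting[4] > '9' ||
        setting[5] < '0' || setting[5] > '9' ||
        setting[6] != '$')
        return -1;
    cost = (setting[4] - '0') * 10 + (setting[5] - '0');
    if (cost < 4 || cost > 31)
        return -1;
    /* 22 salt characters must follow; a short string stops at '\0'. */
    for (i = 7; i < 29; i++)
        if (!is_bcrypt64(setting[i]))
            return -1;
    return cost;
}

/* Looser check that only bounds each digit separately (first digit 0..3,
 * second 0..9). Constructed to show the failure mode: "$2a$39$..." passes
 * and is interpreted as cost 39, which no implementation supports. */
int permissive_cost(const char *setting)
{
    if (!setting || strncmp(setting, "$2a$", 4) != 0)
        return -1;
    if (setting[4] < '0' || setting[4] > '3' ||
        setting[5] < '0' || setting[5] > '9' ||
        setting[6] != '$')
        return -1;
    return (setting[4] - '0') * 10 + (setting[5] - '0');
}
```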

On a related note, a Python interface to crypt_blowfish by Daniel Holth has been added to the contributed resources list on the crypt_blowfish homepage.

February 19, 2010
Linux 2.4.37.9-ow1 is out.

February 14, 2010
Revision 3 of the jumbo patch for JtR 1.7.4.2 has been released, adding support for cracking NTLMv2 challenge/response exchanges (contributed by JoMo-Kun), as well as support for Oracle 11g SHA-1 based hashes (contributed by Alexandre Hamelin).

February 12, 2010
We've just released version 1.0.4 of our tcb suite (which implements the alternative password shadowing scheme on Owl). In this version, a non-security buffer overflow bug with more than NGROUPS_MAX groups per user has been fixed.

January 28, 2010
Fresh ISO images and pre-created OpenVZ container templates of Owl-current for x86 and x86-64 (generated today) are available on our FTP mirrors. There are also direct download links for the ISOs on the Owl homepage. The "make vztemplate" target has been added to the Owl build environment, making it easy for us and for Owl users to generate new OpenVZ container templates of the Owl userland. The 32-bit x86 userland is now being built for "i686" (Pentium Pro and above) by default. The packages of JtR, Nmap, and pciutils have been updated to new versions, libtool and gzip had minor security vulnerabilities fixed, and changes have been made to several other packages. Please refer to the Owl-current change log for more detailed information on some of the changes.

Martin F. Krafft adopted the passwdqc Debian package and brought it up to date. Our password/passphrase strength checking and policy enforcement toolset now integrates nicely with PAM on Debian systems, and command-line utilities as well as the shared library providing the functionality will soon be available in separate packages.

January 19, 2010
John the Ripper version 1.7.4.2 is out, along with its corresponding jumbo patch update. This is another development version, and this time the focus was on performance improvements with very large password files or sets of files.

Support for "generic" MD5-based hashes (optionally salted and/or iterated) has been added to the jumbo patch (starting with 1.7.4-jumbo-2), due to code contributed by JimF.

News archive (since 2001)
