Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 2 Jun 2011 22:18:36 -0500
From: "JimF" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: Re: John 1.7.7-jumbo-5

The salted_sha format came along for the ride with simon's intrisic patch. 
It was old code he had (explained in a prior email), that he had created. It 
is actaully nsldaps, but works for sse2/sse2i builds.  But yes, these should 
be reduced to 1 (or 2) formats.

> Not confirmed regarding raw-md4.
That may have been my misquote.

> code in JtR required such alignment of binary()'s output buffer.  Was I
> wrong, or has something changed, introducing this requirement?

The assumption comes from how the get_bin are implemented. Many typecast to 
unsigned, then and off the lower bits.  If the return from binary is not 
aligned on these systems, they core.  It turned up on sparc64 (and some on 
sparc 32).

> ...Oh, it just occurred to me that fmt_self_test() directly passes
> binary()'s

Now, it 'may' be only in testing code. I had not investigated further, as 
the code would not get past this.   So, in the cracking code, you do not 
pass binary's return value?  If for normal cracking, you realloc (alingned), 
and then present that to the get_bin() calls, then all we may need to fix is 
formats.c, and revert back the code.

All I can say, is there were many formats where I had problems in the 
sparc64 system.  At first, we could not even 'start' john, it would die in 
the format loading of md5_gen_fmt.

>> Added new rules for is binary, and reject if (if not) -utf8 used.
>
> What's this?  Is it just about the new rule reject flags (-u and -U) or
> something else?

I believe so.  if it is more, I am sure magnum will fill in the holes.

Jim.

----- Original Message ----- 
From: "Solar Designer" <solar@...nwall.com>
To: <john-dev@...ts.openwall.com>
Sent: Thursday, June 02, 2011 10:04 PM
Subject: Re: [john-dev] John 1.7.7-jumbo-5


> On Sun, May 29, 2011 at 12:14:02PM -0500, JFoug wrote:
>> New formats: mskrb5 (magnum), rawMD5unicode (magnum), salted_sha1 (Simon
>> ???, this one is nsldaps, but using SSE2i).
>
> This salted_sha1 vs. ssha vs. openssha thing is very confusing.  I think
> salted_sha1 needs to be renamed.  Also, salted_sha1_fmt.c lacks a
> copyright and license statement.
>
>> SSE intrisics also added to raw-md4, raw-sha1, and raw-md5 (through thin
>> format to md5_gen(0)).  Intrinsics also used in other formats (Simon).
>
> Not confirmed regarding raw-md4.
>
>> Fixed REQ_ALIGN crash problems in:  HDAA, MSCHAPv2, NETLM, NETLMv2,
>> NETNTLM, NETNTLMv2, NSLDAPS, NSLDAP, OPENLDAPS, mscash, mscashv2, mssql,
>> mssql05, oracle, raw-md4   Note, some crash problems existed in Jumbo-1,
>> and some were needed due to J1->J5 performance changes, and -utf8 
>> support.
>> (JimF)
>
> You're patching rawMD4_fmt.c's get_binary() to have its static output
> buffer machine word aligned.  However, I was under impression that no
> code in JtR required such alignment of binary()'s output buffer.  Was I
> wrong, or has something changed, introducing this requirement?
>
> ...Oh, it just occurred to me that fmt_self_test() directly passes
> binary()'s return value to binary_hash[]() and cmp_*() functions.  If
> it's the only place where we have this requirement, then maybe it should
> be patched (to make a copy) instead of complicating all formats?
>
>> Changed NT's asm code (x86_sse.S) to properly work with UTF-8. (Alain
>> Espinosa ????)
>
> What's the performance impact for non-UTF-8?  (I'd expect 1% or so.)
>
>> Added new rules for is binary, and reject if (if not) -utf8 used.
>
> What's this?  Is it just about the new rule reject flags (-u and -U) or
> something else?
>
> Thanks,
>
> Alexander 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ