Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 21 Oct 2005 11:26:45 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: CHange-Request

On Mon, Oct 17, 2005 at 05:22:32PM +0200, sebastian.rother@...erlin.de wrote:
> As far as I can see John isn't able to decrypt a SAM-File wich is
> protected by SYSKEY.

John relies on external (third-party) tools to provide the LM hashes in
PWDUMP format.

> BKHIVE is an OpenSOurce-Tool wich uses the
> "system"-file to use the SYSKEY (wich is stored at the HDD by default) to
> decrypt the SAM (so that it isn't protected with syskey anymore).
> 
> Is it possible that John could adapt this functionality like john uses
> "unshadow" to merge the passwd and shadow files?

This kind of Windows-specific functionality is not currently planned.

> If you need the Sourcecode I'm able to e-Mail it to you.
> The original website is down because the student who wrote the software
> isn't student anymore.
> 
> The Archiv dosn't include any License.

Actually, the copy of the source code for BKHIVE that I found has a
license statement in every source file.  There's one serious
restriction:

        You may not use this work for commercial purposes.

This is sufficient to prevent the inclusion of this code in John, since
I do not want to similarly disallow commercial uses of John.

However, re-coding this wouldn't be hard.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ