Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Nov 2007 04:28:44 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Simon's "myjohn" and patch for DES-based Oracle hashes support (was: bitslice implementation of ORACLE hash cracking)

Regarding getting this into the next revision of the jumbo patch:

On Mon, Nov 12, 2007 at 09:49:00AM +0100, Simon Marechal wrote:
> ... I do not believe the half-assed ciphers I added are worth the work.

Well, the "hack quality" of these patches is one of the reasons why I
don't just merge them into JtR, but for the jumbo patch things are
different.  The jumbo patch is supposed to be just that - a collection
of useful, but non-optimal, possibly buggy, and sometimes less portable
patches that do not get into the official JtR.

Are there more hashes/ciphers in your "myjohn" that are not in the
current jumbo patch?  If so, can you please submit them for merging into
the jumbo patch?

> As you'll see it's very slow and would 
> tremendously be sped up by proper buffering / use of the bitsliced code. 
> I never did this because 99% of oracle passwords seem to be equal to the 
> login ...

Actually, that's a valid reason why your code is of some use even in its
present form!

A question on your john-1.7.2.oracle-1.gz (that was attached to the
message): why did you include a modified copy of the DES routines from
libdes?  Is it just to have this patch independent from libdes and from
the jumbo patch, or are your modifications important?  Whoever merges
this into the jumbo patch will need to know the answer to this as the
jumbo patch depends on OpenSSL anyway.

> My "current" tree has all the up to date data needed for an up to date 
> creation of the jumbo patch, at http://btb.banquise.net/bin/myjohn.tgz. 

Do you suggest that an up-to-date jumbo patch may be created by merely
diff'ing your "myjohn" against an official version of JtR?  I doubt it.
I've been fixing various bugs in the jumbo patch, sometimes silently -
I doubt that you've merged those fixes into "myjohn".

> There is also the "markov" mode which I found to be very effective on 
> french passwords, and "solves" some of the problems related to cracking 
> long passwords.

Yeah, I've been meaning to comment on it and ask a question, but I never
got around to that...

Thanks,

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ