Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 15 Nov 2010 01:16:56 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: JtR 1.7.6-jumbo-9

Hi,

I've just released a new revision of the jumbo patch.  Compared to
1.7.6-jumbo-7, -jumbo-9 adds three new "formats": generic salted SHA-1
(sha1-gen), raw MD4 (raw-md4), and generic salted MD4 (md4-gen).  Of
these, sha1-gen has existed as a separate patch since last month
(john-1.7.6-jumbo-7-sha1_gen-1.diff.gz), whereas the MD4 ones are brand
new.  As currently implemented, none of these are fast (in fact, the MD4
ones are slower than raw MD5 and NTLM, which is "obviously wrong"), but
they do the job.  The hash encoding syntax for these is as follows:

$SHA1p$salt$59b3e8d637cf97edbe2384cf59cb7453dfe30789
$SHA1s$salt$c88e9c67041a74e0357befdff93f87dde0904214
$MD4p$salt$15ad2b7a23e5088942f9d3772181b384
$MD4s$salt$fb483dbef17c51c13e2322fcbec5da79
$MD4$8a9d093f14f8701df17732b2bb182c74
8a9d093f14f8701df17732b2bb182c74

All of these correspond to "password".  Those with "p" have the salt as
a prefix to the password; those with "s" have it as the suffix.  In PHP
terms, "$SHA1p$" above corresponds to sha1($salt . $pass), whereas
"$SHA1s$" corresponds to sha1($pass . $salt).  Ditto for MD4.  Despite
of the syntax used, the salt may contain dollar signs - to allow for
this, the last dollar sign delimiter (the one after the salt) is being
searched for from the end of the string.

All of these except for the last one (which is simply 32 hex chars) will
be correctly autodetected by john-1.7.6-jumbo-9.  For the last one, if
you don't want to add the explicit "$MD4$" prefix, you need to use
"--format=raw-md4" (just like you would for raw MD5 or raw SHA-1).

Besides adding the new "formats", 1.7.6-jumbo-9 integrates the following
contributions:

john-1.7.6-jumbo-7-netscreen-script-2.04.diff by Robert B. Harris from
VA and Brad Tilley (adds Python 3 compatibility).

john-1.7.6-jumbo-7-Makefile-Solaris-targets-fix-1.diff by Robert B. Harris
(corrects tgtsnarf build on Solaris).

NT-mscash.diff by Magnum, P.I. and Alain Espinosa, with a further change
by me (8-bit character support with NTLM and MS Cache hashes).

Thanks!

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ