Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 3 Jul 2011 05:13:02 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: John the Ripper 1.7.8-jumbo-2

Hi,

Yes, a -jumbo based on JtR 1.7.8 is finally out:

http://www.openwall.com/john/
http://www.openwall.com/john/#contrib

Besides the rebase to 1.7.8, the changes include:

As part of Dhiru Kholia's GSoC 2011 project, support for cracking of
password-protected WinZip archives with AES encryption has been added.
As currently implemented, false positives may occur (in other words,
non-working passwords may be found), typically if the actual password is
complicated.  Hopefully, this shortcoming will be addressed at a later
time.  Meanwhile, to try the feature out, run the zip2john program
(which is part of 1.7.8-jumbo-2) on one or more ZIP archives,
redirecting the output to a file.  Then run john on this file.

Sample password-protected ZIP archives for testing may be obtained at:

http://openwall.info/wiki/john/sample-non-hashes

This page also hosts sample passphrase/password-protected SSH keys, PDF
files, and RAR archives.  These were already supported in 1.7.7-jumbo-6,
and indeed they still are.  The usage instructions are similar - there
are ssh2john, pdf2john, and rar2john programs included.

To give credit where it's due, in his work on WinZip archives Dhiru
Kholia has reused some code and documentation by Dr Brian Gladman:

http://www.gladman.me.uk/cryptography_technology/fileencrypt/

The support for SSH keys was inspired by the ssh-privkey-crack program:

http://neophob.com/2007/10/ssh-private-key-cracker/

(although Dhiru's code in JtR is different).

The PDF support in JtR builds upon the PDFCrack program by Henning Noren:

http://pdfcrack.sourceforge.net

The RAR support in JtR uses a little bit of code from the public domain
unrar utility written by Alexander Roshal, and it is made possible due
to Marc Bevand's documentation of the RAR encryption scheme, originally
for Marc's unrarhp:

http://www.zorinaq.com/unrarhp/

(I should have included this credit in my announcement of 1.7.7-jumbo-6,
but I forgot.  Better late than never.)

The rest of the changes in 1.7.8-jumbo-2 are by JimF and magnum:

Compile-time detection of OpenSSL 0.9.8+ has been added, automatically
enabling support for Sybase ASE and hmailserver hashes.

The performance at MSCash2 (Domain Cached Credentials of modern Windows
systems) has been improved.

Minor other performance and portability improvements have been made.

Enjoy, and provide your feedback.

Alexander

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ