Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 12 Mar 2012 15:45:11 +0100
From: Andres Ederra <andres.ederra@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking RACF passwords

Hi Alexander (and all),

I just want to encourage you about creating racf support for john.

You are not alone with the effort, I am also very interested... maybe
and only maybe I could get some company resources to work on that
too...

Anyway as far as I have investigated the issue the problem is to learn
the RACF algorithm, coding it as a john module its a no-issue.

I'm afraid that the people who know that info maybe retired (or
dead...) and IBM is not going to collaborate that much (I would want
to be wrong but...)

There is always the possibility to reverse-engineer the cracf.exe and
weakword.exe but that is a costly and painful road... (btw, afaik,
that is completely legal for interoperability, with its the exact
case, at least in Europe or at least in my country... ).

In any case I haven't find the resources to properly investigate the
issue... but it looks like Tierry Falissard work is promising (even if
you have to jump through some loops to access its web and
downloads...)

Have anyone checked this source code? http://pastebin.com/g2tVcEww I
know nothing about os-390 asm ... does it rely on a racf library? or
we can learn something about the algorithm from it?

Best regards

Andrés

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.