Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Fri, 17 Aug 2012 08:41:09 -0400 (EDT)
From: jfoug@....net
To: john-users@...ts.openwall.com
Subject: Re: Cracking Gauss using dynamic


On Fri, Aug 17, 2012 at 7:31 AM, jfoug@....net wrote:

> On Fri, Aug 17, 2012 at 12:40 AM, Solar Designer wrote:
>> I thought that maybe the implementation of phpass in the dynamic
>> format was generic enough - but it is not.  Its loop is hardcoded in
>> DynamicFunc__PHPassCrypt().  So it seems like the current dynamic 
>> format
>> is incapable of arbitrary loops.  This may be something for JimF to
>> enhance - not for this specific target, but in general.
>
> There is no looping, or variables, or much of any other 'fancy' things 
> in dynamic.  Mostly, it is an array of very simple function pointers, 
> such as:  clear-this-buffer, append-this-string, crypt-this-buffer, 
> convert-this-to-base-16-and-append-to-buffer, etc, etc.  Those are not 
> the real function names, but that is pretty much 'what' they do, and 
> how much smarts they have.
>
> So if you wanted to (with current dynamic), do 10k crypt of the crypt, 
> you would simply have to build a format with whatever initialization 
> code was needed to get things 'started', and then 10k of these (well, 
> 9999 of the 2nd part):
>
> DynamicFunc__crypt_md5_in1_to_out2
> DynamicFunc__clean_input2
> DynamicFunc__append_from_last_output2_as_raw
> DynamicFunc__crypt2_md5()
> DynamicFunc__clean_input2_kwik
> DynamicFunc__append_from_last_output2_as_raw
> DynamicFunc__crypt2_md5()
> DynamicFunc__clean_input2_kwik
> DynamicFunc__append_from_last_output2_as_raw
>
> // 9996 more of the:
> DynamicFunc__clean_input2_kwik
> DynamicFunc__overwrite_from_last_output2_as_base16_no_size_fix

Sorry, wrong, code, should have been 
DynamicFunc__append_from_last_output2_as_raw

That was cut/paste from some code that did not match this problem.

> DynamicFunc__crypt2_md5()
>
> // then a final
> DynamicFunc__clean_input2_kwik
> DynamicFunc__overwrite_from_last_output2_as_base16_no_size_fix

Same problem here, should have been 
DynamicFunc__append_from_last_output2_as_raw

> DynamicFunc__crypt_md5_in2_to_out1

....

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ