Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 17 Aug 2012 09:21:26 -0400
From: Matt Weir <cweir@...edu>
To: john-users@...ts.openwall.com
Subject: Re: Cracking Gauss using dynamic

Dough, the loop in the python code should have just been to 9999 since
there's an extra round at the end...
That's of course assuming that it was working though ;p

Matt

On Fri, Aug 17, 2012 at 9:06 AM, Matt Weir <cweir@...edu> wrote:
> I've been having some problems getting the correct hash to be
> generated. First of all I've been using a bash script from the website
> to generate expected values.
>
> --------file hex. This is for the input word "secret" with salt------------
> 73656372657497486CAA225FE877C035CC0373236D51
> --------end file-------------------------------------------------------------------------
>
> -------Bash script-------------------------------------------------------------------------
> #!/bin/bash
> declare -i count
>
> a=$(cat hex | xxd -p -r | md5 -r | awk '{print $1}')
> for (( count = 0 ; count < 10000; count++))
>
> do
> a=$(echo -en "$a" | xxd -p -r | md5 -r | awk '{print $1}')
> done
> echo " done"
> echo "$a"
> exit 0
> ---------------------end bash script--------------------------------------
>
>
> Also rather than paste all 10k lines (x 3-4) here is a python script
> that generates the dynamic conf
>
> ---------------python script---------------------------------------------
> print "#######################################################################"
> print "# Dynamic Type for algorithm used in gauss malware
> md5(md5(path.file.$s))^^10000"
> print "#######################################################################"
> print "[List.Generic:dynamic_2033]"
> print "# Flag needed here, is Salt"
> print "Flag=MGF_SALTED"
> #print "SaltLen=16"
> print "Func=DynamicFunc__clean_input"
> print "Func=DynamicFunc__append_keys"
> print "Func=DynamicFunc__append_salt"
> print "Func=DynamicFunc__crypt_md5"
>
> print "Func=DynamicFunc__clean_input2"
> print "Func=DynamicFunc__append_from_last_output_to_input2_as_base16"
> for i in range(10000):
>         print "Func=DynamicFunc__crypt2_md5"
>         print "Func=DynamicFunc__clean_input2_kwik"
>         print "Func=DynamicFunc__append_from_last_output2_as_base16"
> print "Func=DynamicFunc__crypt_md5_in2_to_out1"
> #print "Test=$dynamic_2033$23d7b45123f84ffb713569c22ebd7230$HEX$97486CAA225FE877C035CC0373236D51:test"
> #print "Test=$dynamic_2033$7f6d15c16720a432493ba0fb1556e0a3$HEX$97486CAA225FE877C035CC0373236D51:test"
> print "Test=$dynamic_2033$6d7affd7203134e7c13dad602a9b4282$HEX$97486CAA225FE877C035CC0373236D51:secret"
>
> ------------------End python
> scrip--------------------------------------------------
>
> So as you can see, I've been running some other tests as well. For a
> single round of hashing everything works ok, but when I try to re-hash
> it the self check fails vs. the output generated by the bash script,
> (with me limiting the bash script to 1 rehash as well).
>
> Note, one other issue that eventually will have to be dealt with is
> how the input string is encoded with the real data. aka instead of
> C:\Program Files..... it has a null '00' between each character so
> you'll have to try C.:.\.P.r.o.g.r.a.m...F.i.l.e.s.....
>
> 2nd Note: I'm also using "test" and "secret" right now for my test
> hashes since I haven't been able to figure out how to get the sample
> on the website to work correctly in the dynamic config since it has a
> ":" in it.
>
> I'm actually going camping in a couple of minutes so I apologize if I
> don't respond to e-mails for the rest of the weekend, but I wanted to
> post my current status before I left.
>
> Thanks,
> Matt
>
>
> On Fri, Aug 17, 2012 at 8:41 AM,  <jfoug@....net> wrote:
>>
>> On Fri, Aug 17, 2012 at 7:31 AM, jfoug@....net wrote:
>>
>>> On Fri, Aug 17, 2012 at 12:40 AM, Solar Designer wrote:
>>>>
>>>> I thought that maybe the implementation of phpass in the dynamic
>>>> format was generic enough - but it is not.  Its loop is hardcoded in
>>>> DynamicFunc__PHPassCrypt().  So it seems like the current dynamic format
>>>> is incapable of arbitrary loops.  This may be something for JimF to
>>>> enhance - not for this specific target, but in general.
>>>
>>>
>>> There is no looping, or variables, or much of any other 'fancy' things in
>>> dynamic.  Mostly, it is an array of very simple function pointers, such as:
>>> clear-this-buffer, append-this-string, crypt-this-buffer,
>>> convert-this-to-base-16-and-append-to-buffer, etc, etc.  Those are not the
>>> real function names, but that is pretty much 'what' they do, and how much
>>> smarts they have.
>>>
>>> So if you wanted to (with current dynamic), do 10k crypt of the crypt, you
>>> would simply have to build a format with whatever initialization code was
>>> needed to get things 'started', and then 10k of these (well, 9999 of the 2nd
>>> part):
>>>
>>> DynamicFunc__crypt_md5_in1_to_out2
>>> DynamicFunc__clean_input2
>>> DynamicFunc__append_from_last_output2_as_raw
>>> DynamicFunc__crypt2_md5()
>>> DynamicFunc__clean_input2_kwik
>>> DynamicFunc__append_from_last_output2_as_raw
>>> DynamicFunc__crypt2_md5()
>>> DynamicFunc__clean_input2_kwik
>>> DynamicFunc__append_from_last_output2_as_raw
>>>
>>> // 9996 more of the:
>>> DynamicFunc__clean_input2_kwik
>>> DynamicFunc__overwrite_from_last_output2_as_base16_no_size_fix
>>
>>
>> Sorry, wrong, code, should have been
>> DynamicFunc__append_from_last_output2_as_raw
>>
>> That was cut/paste from some code that did not match this problem.
>>
>>
>>> DynamicFunc__crypt2_md5()
>>>
>>> // then a final
>>> DynamicFunc__clean_input2_kwik
>>> DynamicFunc__overwrite_from_last_output2_as_base16_no_size_fix
>>
>>
>> Same problem here, should have been
>> DynamicFunc__append_from_last_output2_as_raw
>>
>>> DynamicFunc__crypt_md5_in2_to_out1
>>
>>
>> ....
>>
>>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.