Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 01 Apr 2014 22:04:08 +0200
From: "-.-PhanTom-.-" <phantom@...uribox.net>
To: john-users@...ts.openwall.com
Subject: Re: Loopback and encoding enhancements

On 29-03-2014 22:36, magnum wrote:
> Invasive changes to bleeding-jumbo has been committed. Some new features:
> - The loopback mode can now assemble LM password halves. It's a 
> nefarious hack, but it works like a champ.
> - You can now specify a "hashed encoding" so you can use UTF-8 
> wordlists for cracking eg. LM hashes.
> - You can even specify an "intermediate encoding" for the rules engine 
> to use when both wordlists and output hashes are UTF-8. This has some 
> performance penalty but might come very handy. If you use it when 
> attacking a Unicode format (eg. NT) it will automatically pick the 
> faster way of doing it (no extra conversion).
> - You can set defaults for most everything in john.conf so you'll end 
> up normally not needing to specify any encodings.
>
>
> Details in doc/ENCODING. Examples (using recommended settings in 
> john.conf - *not* the backward-compatible defaults as shipped):
>
> $ file test
> test: UTF-8 Unicode text
>
> $ cat test
> Müller:101:fb0c033ca6248c12aad3b435b51404ee:062de529e54e31079861ec97d666a44f::: 
>
> Kübelwagen:102:507cf8a61eb3998e0e3012ff9bfbece4:8afdd1e6003511ee39c3b10254255ef5::: 
>
>
> $ ../run/john test -format:lm --single
> Using default input encoding: UTF-8
> Target encoding: CP850
> Loaded 3 password hashes with no different salts (LM [DES 128/128 
> AVX-16])
> Press 'q' or Ctrl-C to abort, almost any other key for status
> GEN              (Kübelwagen:2)
> KÜBELWA          (Kübelwagen:1)
> MÜLLER           (Müller)
> 3g 0:00:00:00 DONE (2014-03-29 01:01) 300.0g/s 12800p/s 12800c/s 
> 38400C/s KÜBELWA..KÜBE1WA
> Warning: passwords printed above might be partial
> Use the "--show" option to display all of the cracked passwords reliably
> Session completed
>
> John picked defaults of UTF-8 for input files and CP850 for LM hashes. 
> This also meant that the rules engine and/or the format's internal 
> upper-casing of candidates worked for the non-ASCII character. On top 
> of that the output was correct for my UTF-8 terminal, despite the 
> actual encoding being CP850. The results were also encoded in UTF-8 in 
> the pot file, which is arguable - but it's a prerequisite for the next 
> example:
>
>
> $ ../run/john test -format:nt --loopback
> Rules engine using CP850 for Unicode
> Loaded 2 password hashes with no different salts (NT [MD4 128/128 X2 
> SSE2-16])
> Assembling cracked LM halves for loopback
> Loop-back mode: Reading candidates from pot file $JOHN/john.pot
> Press 'q' or Ctrl-C to abort, almost any other key for status
> Kübelwagen       (Kübelwagen)
> müller           (Müller)
> 2g 0:00:00:00 DONE (2014-03-29 01:01) 200.0g/s 3200p/s 3200c/s 6400C/s 
> mÜller..müllermüller
> Use the "--show" option to display all of the cracked passwords reliably
> Session completed
>
> In the second example, John picked defaults of UTF-8 for input files 
> and CP850 for "intermediate" encoding (although without any extra 
> speed penalty because NT can take any encoding without a second 
> conversion). The loopback mode assembled the LM halves and the default 
> loopback rule case-toggled the candidates to success.
>
> magnum
>
>
Hi Magnum

I am not sure if I am doing something wrong, but tried to compile a 
version of bleeding that I downloaded today (15 min ago using "git clone 
git:\/\/github.com/magnumripper/JohnTheRipper -b bleeding-jumbo 
JtR-Bleeding"), and the compile failed  - like some openssl part is 
missing? :/ (see below)

phantom@...ntu:~/JtR-Bleeding/src$ make clean linux-x86-64-avx
rm -f ../run/john ../run/unshadow ../run/unafs ../run/unique 
../run/undrop ../run/ssh2john ../run/rar2john ../run/zip2john 
../run/genmkvpwd ../run/mkvcalcproba ../run/calc_stat ../run/tgtsnarf 
../run/racf2john ../run/mozilla2john ../run/hccap2john 
../run/pwsafe2john ../run/raw2dyna ../run/keepass2john ../run/pfx2john 
../run/keychain2john ../run/keyring2john ../run/kwallet2john 
../run/dmg2john ../run/putty2john john.local.conf ../run/uaf2john 
../run/truecrypt_volume2john ../run/keystore2john ../run/wpapcap2john 
../run/gpg2john ../run/luks2john ../run/john.bin ../run/john.com 
../run/unshadow.com ../run/unafs.com ../run/unique.com ../run/undrop.com 
../run/ssh2john.com ../run/rar2john.com ../run/zip2john 
../run/racf2john.com ../run/mozilla2john.com ../run/hccap2john.com 
../run/pwsafe2john.com ../run/keepass2john.com ../run/pfx2john.com 
../run/keychain2john.com ../run/keyring2john.com ../run/kwallet2john.com 
../run/dmg2john.com ../run/putty2john.com john.local.conf 
../run/gpg2john.com ../run/john.exe ../run/unshadow.exe ../run/unafs.exe 
../run/unique.exe ../run/undrop.exe ../run/ssh2john.exe 
../run/rar2john.exe ../run/zip2john.exe ../run/genmkvpwd.exe 
../run/mkvcalcproba.exe ../run/calc_stat.exe ../run/racf2john.exe 
../run/mozilla2john.exe ../run/hccap2john.exe ../run/pwsafe2john.exe 
../run/raw2dyna.exe ../run/keepass2john.exe ../run/pfx2john.exe 
../run/keychain2john.exe ../run/keyring2john.exe ../run/kwallet2john.exe 
../run/dmg2john.exe ../run/putty2john.exe john.local.conf 
../run/gpg2john.exe ../run/john-mingw.exe ../run/unshadow.exe 
../run/unafs.exe ../run/unique.exe ../run/undrop.exe ../run/ssh2john.exe 
../run/rar2john.exe ../run/zip2john.exe ../run/genmkvpwd.exe 
../run/mkvcalcproba.exe ../run/calc_stat.exe ../run/racf2john.exe 
../run/mozilla2john.exe ../run/hccap2john.exe ../run/pwsafe2john.exe 
../run/raw2dyna.exe ../run/keepass2john.exe ../run/pfx2john.exe 
../run/keychain2john.exe ../run/keyring2john.exe ../run/kwallet2john.exe 
../run/putty2john.exe john.local.conf ../run/gpg2john.exe
rm -f ../run/SIPdump ../run/vncpcap2john
rm -f ../run/john.exe john-macosx-* *.o escrypt/*.o *.bak core
rm -f ../run/kernels/*.cl ../run/kernels/*.h ../run/kernels/*.bin
rm -f detect bench para-bench generic.h arch.h tmp.s
rm -f cuda/*.o cuda/*~ *~
rm -f fmt_registers.h fmt_externs.h john_build_rule.h
cp /dev/null Makefile.dep
ln -f -s x86-64.h arch.h
make ../run/john ../run/unshadow ../run/unafs ../run/unique 
../run/undrop ../run/ssh2john ../run/rar2john ../run/zip2john 
../run/genmkvpwd ../run/mkvcalcproba ../run/calc_stat ../run/tgtsnarf 
../run/racf2john ../run/mozilla2john ../run/hccap2john 
../run/pwsafe2john ../run/raw2dyna ../run/keepass2john ../run/pfx2john 
../run/keychain2john ../run/keyring2john ../run/kwallet2john 
../run/dmg2john ../run/putty2john john.local.conf ../run/uaf2john 
../run/truecrypt_volume2john ../run/keystore2john ../run/wpapcap2john 
../run/gpg2john ../run/luks2john \
         JOHN_OBJS="john-mpi.o DES_fmt.o DES_std.o DES_bs.o DES_bs_b.o 
BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o BF_std.o scrypt_fmt.o 
escrypt/crypto_scrypt-best.o escrypt/crypto_scrypt-common.o 
escrypt/sha256.o AFS_fmt.o LM_fmt.o trip_fmt.o timer.o md5_go.o md5.o 
rc4.o hmacmd5.o base64.o md4.o sha2.o dynamic_fmt.o dynamic_parser.o 
dynamic_preloads.o dynamic_utils.o dynamic_big_crypt.o hmacMD5_fmt.o 
hmacSHA1_fmt.o django_fmt.o truecrypt_fmt.o SKEY_fmt.o ssh_fmt.o 
ssh2john.o pfx_fmt.o pfx2john.o unrarcmd.o unrarfilter.o unrarhlp.o 
unrar.o unrarppm.o unrarvm.o rar_fmt.o rar2john.o rawSHA0_fmt.o 
zip_fmt.o zip2john.o gladman_hmac.o gladman_pwd2key.o racf2john.o 
keychain2john.o kwallet2john.o pwsafe2john.o dmg2john.o keepass2john.o 
keyring2john.o keystore2john.o truecrypt_volume2john.o wpapsk_fmt.o 
hccap2john.o mozilla_fmt.o KeyDBCracker.o mozilla_des.o lowpbe.o 
mozilla2john.o krb5-18_fmt.o krb5-23_fmt.o 7z_fmt_plug.o 
aesni_o5logon_fmt_plug.o agilekeychain_fmt_plug.o aix_smd5_fmt_plug.o 
aix_ssha_fmt_plug.o androidfde_fmt_plug.o asaMD5_fmt_plug.o 
BFEgg_fmt_plug.o bitcoin_fmt_plug.o blackberry_ES10_fmt_plug.o 
blake2b_plug.o blake2b-ref_plug.o blockchain_fmt_plug.o chap_fmt_plug.o 
citrix_ns_fmt_plug.o clipperz_srp_fmt_plug.o cloudkeychain_fmt_plug.o 
crc32_fmt_plug.o cryptsha256_fmt_plug.o cryptsha512_fmt_plug.o 
django_scrypt_fmt_plug.o DMD5_fmt_plug.o dmg_fmt_plug.o 
DOMINOSEC_fmt_plug.o dragonfly3_fmt_plug.o dragonfly4_fmt_plug.o 
drupal7_fmt_plug.o ecryptfs_fmt_plug.o efs_fmt_plug.o encfs_fmt_plug.o 
EPI_fmt_plug.o episerver_fmt_plug.o feal8_plug.o FGT_fmt_plug.o 
formspring_fmt_plug.o gost_fmt_plug.o gpg_fmt_plug.o haval_fmt_plug.o 
haval_plug.o HDAA_fmt_plug.o hmacSHA224_fmt_plug.o hmacSHA256_fmt_plug.o 
hmacSHA384_fmt_plug.o hmacSHA512_fmt_plug.o hmailserver_fmt_plug.o 
idea_plug.o ike_fmt_plug.o IPB2_fmt_plug.o KeccakDuplex_plug.o 
KeccakF-1600-opt32_plug.o KeccakF-1600-opt64_plug.o 
KeccakNISTInterface_plug.o KeccakSponge_plug.o keepass_fmt_plug.o 
keychain_fmt_plug.o keyring_fmt_plug.o keystore_fmt_plug.o 
KRB4_fmt_plug.o KRB4_std_plug.o KRB5_fmt_plug.o krb5pa-md5_fmt_plug.o 
krb5pa-sha1_fmt_plug.o KRB5_std_plug.o kwallet_fmt_plug.o 
lastpass_fmt_plug.o lastpass_sniffed_fmt_plug.o lotus5_fmt_plug.o 
lotus85_fmt_plug.o luks_fmt_plug.o md2_fmt_plug.o md2_plug.o 
md4_gen_fmt_plug.o mediawiki_fmt_plug.o mongodb_fmt_plug.o 
mscash1_fmt_plug.o mscash2_fmt_plug.o MSCHAPv2_bs_fmt_plug.o 
mssql05_fmt_plug.o mssql12_fmt_plug.o mssql-old_fmt_plug.o 
mysql_fmt_plug.o mysql_netauth_fmt_plug.o mysqlSHA1_fmt_plug.o 
NETLM_fmt_plug.o NETLMv2_fmt_plug.o net_md5_fmt_plug.o 
NETNTLM_bs_fmt_plug.o NETNTLMv2_fmt_plug.o net_sha1_fmt_plug.o 
NETSPLITLM_fmt_plug.o NS_fmt_plug.o nsldap_fmt_plug.o nt2_fmt_plug.o 
ntlmv1_mschapv2_fmt_plug.o nukedclan_fmt_plug.o o5logon_fmt_plug.o 
odf_fmt_plug.o office_fmt_plug.o oldoffice_fmt_plug.o 
openssl_enc_fmt_plug.o oracle11_fmt_plug.o oracle_fmt_plug.o 
osc_fmt_plug.o panama_fmt_plug.o panama_plug.o 
pbkdf2-hmac-sha1_fmt_plug.o pbkdf2_hmac_sha256_fmt_plug.o 
pbkdf2-hmac-sha512_fmt_plug.o pdfcrack_md5_plug.o pdf_fmt_plug.o 
phpassMD5_fmt_plug.o PHPS_fmt_plug.o pixMD5_fmt_plug.o pkzip_fmt_plug.o 
PO_fmt_plug.o postgres_fmt_plug.o pst_fmt_plug.o putty_fmt_plug.o 
pwsafe_fmt_plug.o racf_fmt_plug.o radmin_fmt_plug.o rakp_fmt_plug.o 
rar5_fmt_plug.o rawBLAKE2_512_fmt_plug.o rawKeccak_256_fmt_plug.o 
rawKeccak_512_fmt_plug.o rawMD4_fmt_plug.o rawMD5_fmt_plug.o 
rawmd5u_fmt_plug.o rawSHA1_fmt_plug.o rawSHA1_linkedIn_fmt_plug.o 
rawSHA224_fmt_plug.o rawSHA256_fmt_plug.o rawSHA384_fmt_plug.o 
rawSHA512_fmt_plug.o ripemd_fmt_plug.o ripemd_plug.o 
salted_sha1_fmt_plug.o sapB_fmt_plug.o sapG_fmt_plug.o 
sha1_gen_fmt_plug.o siemens-s7_fmt_plug.o sip_fmt_plug.o 
skein_fmt_plug.o skein_plug.o snefru_fmt_plug.o snefru_plug.o 
ssha512_fmt_plug.o ssh_ng_fmt_plug.o strip_fmt_plug.o sunmd5_fmt_plug.o 
sxc_fmt_plug.o SybaseASE_fmt_plug.o SybasePROP_fmt_plug.o 
syb-prop_repro_plug.o tcp_md5_fmt_plug.o tiger_fmt_plug.o tiger_plug.o 
uaf_encode_plug.o vms_fmt_plug.o vnc_fmt_plug.o wbb3_fmt_plug.o 
whirlpool_fmt_plug.o whirlpool_plug.o wow_srp_fmt_plug.o 
XSHA512_fmt_plug.o XSHA_fmt_plug.o rawSHA1_ng_fmt.o rawSHA256_ng_fmt.o 
rawSHA512_ng_fmt.o rawSHA256_ng_i_fmt.o rawSHA512_ng_i_fmt.o plugin.o 
dummy.o NT_fmt.o gost.o common-gpu.o batch.o bench.o charset.o common.o 
compiler.o config.o cracker.o crc32.o external.o formats.o getopt.o 
idle.o inc.o john.o list.o loader.o logger.o mask.o math.o memory.o 
misc.o options.o params.o path.o recovery.o rpp.o rules.o signals.o 
single.o status.o tty.o wordlist.o mkv.o mkvlib.o listconf.o 
fake_salts.o win32_memmap.o unicode.o unshadow.o unafs.o undrop.o 
regex.o unique.o putty2john.o gpg2john.o c3_fmt.o x86-64.o 
sse-intrinsics.o" \
         CFLAGS_MAIN="-c -Wall -Wdeclaration-after-statement -O2 
-fomit-frame-pointer -I/usr/local/include  `pkg-config 2>/dev/null 
--cflags nss` `pkg-config 2>/dev/null --exists nss && echo -DHAVE_NSS` 
`find 2>&1 /usr/include /usr/local/include -name "gmp.h" | grep -q 
"gmp.h" && echo -DHAVE_GMP` `find 2>&1 /usr/include/ /usr/local/include/ 
-name "krb5.h" | grep -q "krb5.h" && echo -DHAVE_KRB5` -DJOHN_AVX 
-DHAVE_CRYPT -DHAVE_DL" \
         CFLAGS="-c -Wall -Wdeclaration-after-statement -O2 
-fomit-frame-pointer -I/usr/local/include  `pkg-config 2>/dev/null 
--cflags nss` `pkg-config 2>/dev/null --exists nss && echo -DHAVE_NSS` 
`find 2>&1 /usr/include /usr/local/include -name "gmp.h" | grep -q 
"gmp.h" && echo -DHAVE_GMP` `find 2>&1 /usr/include/ /usr/local/include/ 
-name "krb5.h" | grep -q "krb5.h" && echo -DHAVE_KRB5` -mavx 
-DHAVE_CRYPT -DHAVE_DL" \
         ASFLAGS="-c   -mavx" \
         LDFLAGS="-s -L/usr/local/lib -L/usr/local/ssl/lib -lssl 
-lcrypto -lm -lz  `pkg-config 2>/dev/null --libs nss` `find 2>&1 
/usr/include /usr/local/include -name "gmp.h" | grep -q "gmp.h" && echo 
-lgmp` `find 2>&1 /usr/include/ /usr/local/include/ -name "krb5.h" | 
grep -q "krb5.h" && echo -lk5crypto -lkrb5`   -lcrypt -ldl"
make[1]: Entering directory `/home/phantom/JtR-Bleeding/src'
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops john-mpi.c -o john-mpi.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops DES_fmt.c -o DES_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops DES_std.c -o DES_std.o
DES_std.c: In function ‘DES_std_set_key’:
DES_std.c:636:17: warning: array subscript is above array bounds 
[-Warray-bounds]
    while (DES_key[i++]) k += 2;
                  ^
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops DES_bs.c -o DES_bs.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL -Os 
-funroll-loops -finline-functions DES_bs_b.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops BSDI_fmt.c -o BSDI_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops MD5_fmt.c -o MD5_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops MD5_std.c -o MD5_std.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops BF_fmt.c -o BF_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops BF_std.c -o BF_std.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops scrypt_fmt.c -o scrypt_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops escrypt/crypto_scrypt-best.c -o escrypt/crypto_scrypt-best.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops escrypt/crypto_scrypt-common.c -o 
escrypt/crypto_scrypt-common.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops escrypt/sha256.c -o escrypt/sha256.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops AFS_fmt.c -o AFS_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops LM_fmt.c -o LM_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops trip_fmt.c -o trip_fmt.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops timer.c -o timer.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops md5_go.c -o md5_go.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops md5.c -o md5.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops rc4.c -o rc4.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops hmacmd5.c -o hmacmd5.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops base64.c -o base64.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops md4.c -o md4.o
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer 
-I/usr/local/include          -mavx -DHAVE_CRYPT -DHAVE_DL 
-funroll-loops sha2.c -o sha2.o
In file included from sha2.c:26:0:
sha2.h:34:30: fatal error: openssl/opensslv.h: No such file or directory
  #include <openssl/opensslv.h>
                               ^
compilation terminated.
make[1]: *** [sha2.o] Error 1
make[1]: Leaving directory `/home/phantom/JtR-Bleeding/src'
make: *** [linux-x86-64-avx] Error 2
phantom@...ntu:~/JtR-Bleeding/src$


Regards

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.