Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 6 Jun 2007 23:13:18 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Subject: [openwall-announce] Owl-current 2007/06/01 ISO; LM/NTLMv1 C/R and better NTLM for JtR

Hi,

This is to announce the availability of a new ISO-9660 image for the
development branch of Openwall GNU/*/Linux (Owl-current), as well as
updates to contributed patches for John the Ripper.

1. There's a new ISO-9660 image of Owl-current dated 2007/06/01.  The
following packages have been significantly updated since the last ISO
snapshot (January 9, 2007): PCRE, strace, BIND, OpenSSL, GnuPG, lftp,
ELinks, file, Mutt, owl-cdrom.

New with this ISO is support for booting off SATA and USB CD-ROM drives,
in addition to IDE and SCSI ones that were supported previously.
(Obviously, not all SATA and SCSI controllers are supported, but the
goal is to include support for common ones.)

As usual, the major changes are documented here:

	http://www.openwall.com/Owl/CHANGES-current.shtml

and the ISO image can be downloaded from under /pub/Owl/current/iso (or
equivalent) on the FTP mirrors:

	http://www.openwall.com/Owl/DOWNLOAD.shtml

(The mirrors in Poland and Sweden do not yet have this new ISO.  We'll
try to fix that.  Meanwhile, please use any of the remaining mirrors.)

2. JoMo-Kun has contributed a patch to add support for cracking of
sniffed LM/NTLMv1 challenge/response exchanges to John the Ripper.  The
patch is now listed on John the Ripper homepage and it is a part of the
latest revision of the jumbo patch for John the Ripper 1.7.2:

	http://www.openwall.com/john/

The following john-users posting describes a usage scenario for this
functionality:

	http://www.openwall.com/lists/john-users/2007/05/31/1

3. Alain Espinosa's NTLM (MD4-based) hashes support patch for John the
Ripper has been further updated to include optional SSE2 code for x86
and x86-64, resulting in even better performance.  On "plain" SSE2, it
will try 5 candidate passwords in parallel.  On x86-64 extended SSE2, it
will try as many as 8 candidate passwords in parallel.  The actual
speedup measured on some current CPUs (Intel Core 2) is up to 2.5x, with
older CPUs seeing little speedup.

This new patch can be downloaded from John the Ripper homepage at the
URL given above, and it has also been merged into the jumbo patch.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.