Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 15 Aug 2011 16:28:28 +0200
From: groszek <necro@...icon.pl>
To: john-dev@...ts.openwall.com
Subject: Variable length hash cracking

Hi.
I'm currently playing around adding a "special" type of attack on
hashes. Basically it's all the standard "raw" algorithms, but able to
crack the hash even if we have only N chars of the hash.

For example:
md5(password) = 5f4dcc3b5aa765d61d8327deb882cf99

Now let's say I only have "5f4dcc3b" of the hash. Because someone did a
showup after his 0-day and blurred out other parts of the screen, so
only beginning of the hash is shown. Is it possible to crack this hash?
Absolutly yes. Of course, the less chars we have the more plausible it
is for fake-positive crack to show up, and that's another question from me.

Basically, I have two problems:
1. how can I implement cmp_all() in my custom format? I want to memcmp()
only as much chars, as the file we're cracking gives. If I have an entry
with "lol:5f4dcc3b" I want it to memcmp(binary, crypt_out, 4). How do I
get this length? I tried the obvious to get it from functions split() or
valid() but it's no-go, it sets to the length of test suite or just
anything else. Of course one file may contain hashes with 4 bytes or 5
bytes or anything between 3-16 bytes in case of example md5. So my
compare function should take it into account and always use the valid
length for given entry.

2. I want jtr to save "cracked" candidate passwords, but not remove
given entry from the cracking process. Because of plausible fake
positives it is pretty much required.

Any help? Thanks in advance!


btw. I'm simply trying to port braindead, old project of mine that had
this feature into JTR with it's superior word generator and such :)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.