Date: Tue, 24 Jul 2012 13:01:54 -0500 From: "jfoug" <jfoug@....net> To: <john-dev@...ts.openwall.com> Subject: RE: Add support for cracking M$ Outlook's PST files Here is a faster version. It uses the pkzip.h crc table, But still 'can' use the pst-crc.h file also (just slower). I changed the OMP scale, and scale of non OMP builds (Dhiru, for fast hashes, you really need to change these, and stop using existing code you did for slow formats). For this code, there is a #define within crypt_all. If that is set to 1, your header file code is used. If set to 0 (where it is set now), the pkzip code is used. The only difference from 'normal' CRC32 (like in pkzip) and this PST crc, is in the initialization, and lack of complement on ending. But the crc poly is the same, and this is trivial to setup to use the existing tables. The code was 'falsely' thinking that doing these CRC's 4 bytes at a time was faster. It may be faster on longer strings, but on shorter stuff (like JTR password cracking), the initial and post for loops slow things down beyond the gains seen. Here are my benches: Original code with 1 for MAX_KEYS_PER_CRYPT $ ../run/john -test=5 -form=pst Benchmarking: PST custom CRC32 [32/32]... DONE Raw: 15876K c/s real, 15908K c/s virtual Original code, but with 256 for MAX_KEYS_PER_CRYPT $ ../run/john -test=5 -form=pst Benchmarking: PST custom CRC32 [32/32]... DONE Raw: 22919K c/s real, 22970K c/s virtual PST using the pkzip crc header macros (256 keys) $ ../run/john -test=5 -form=pst Benchmarking: PST custom CRC32 [32/32]... DONE Raw: 33267K c/s real, 33296K c/s virtual The CRC32 format. (as a reference) $ ../run/john -test=5 -form=crc32 Benchmarking: CRC-32 [32/32]... DONE Many salts: 65184K c/s real, 65200K c/s virtual Only one salt: 33053K c/s real, 33037K c/s virtual I think this 'could' be done in crc format, with salt of 00000000, but I would have to check. The complement may have messed things up. I also did not include the changes needed to get this working with bleeding. This is magnum-jumbo only. Jim. >On Tuesday, July 24, 2012 10:33 AM: Dhiru Kholia wrote, > >The attached patch (against magnum-jumbo branch) adds support for >cracking M$ Outlook's PST files. In my experience, CRC32 (custom >version) collisions can be generated in less than 15 minutes on AMD X3 >720 CPU (1 core). > >There is one warning in the code "pst-crc32.h:554:25: warning: cast from >pointer to integer of different size" which needs fixing. magnum, Can >you take a look? Download attachment "0001-Add-support-for-cracking-M-Outlook-s-PST-files-v2.patch" of type "application/octet-stream" (1329 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.