Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 17 May 2013 19:11:09 -0400
From:  <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Rewrite of the -regen-lost-salts code

This code has been re-written.  It has been simplified quite a bit, but much more powerful.

It is now 'generic' where before it was hard coded to just a couple thin dynamic formats. It can now be used with arbitrary dynamic functions (not just the 3 or 4 that were hard coded before). This version also allows user defined salt character sets and literal constants, allowing pretty much any salt format to be handled.

The new option line is:    --regen-lost-salt=type:hashlen:mask    Type is dynamic_x (such as dynamic_9).  The length is the length of the raw hash string (32 for md5, etc).  The mask is a way to describe the salt (such as ?d?d?d- for mediawiki which is a decimal number appended with a literal '-' char)  So what used to be:

--regen-lost-salt=3  (for media wiki)  would now be --regen-lost-salt=dynamic_9:32:?d?d?d-    (Actually, --regen-lost-salt=1 to --regen-lost-salt=6 will still work, but are deprecated).

The types can also be user defined (in john.conf).   There is a new document,  Regen-Lost-Salts.txt which documents everything.  there are ?d for decimal, ?y for 95 ascii chars ?0 for user type 0 (in john.conf) ?1 for user type 1, etc. There is about a dozen built in mask types, and ability to add 10 of them in john.conf.  Each character position CAN have a different mask type.  This is explained in the documentation.

The code outside of the 'fake_salts.c' has been simplified quite a bit (in cracker.c and loader.c). Also all added code to files such as PHPS_fmt_plug.c, mediawiki_fmt.c, etc that was specially there for the older regen-salts have been removed.  There is now just a simple insertion point within dynamic prepare() function, that gets everything done, and cracker and loader.c simply have a single if check and if we are in regen salt mode, a simple single function call replaces all of the inline code we had before.

The '-show' function does not work, but the hashes with CORRECT salts do get written to the .pot file.  The reason -show does not work, is due to the input file simply being raw hashes, without the salt.   I am not sure at this time, if I can get that working or not (likely not).  The only way to get it working would be to replace the original 'raw' hash, with a proper fixed hash, that includes the correct salt, within the input file.  I did 'remove' code from each of the thin format's valid() function.  It may be this code was added at one time to get -show working.   It mentioned a DEEP search, but seemed by comment to mean normal regen-salt searching.  It does not appear to be required, but it may need to be put back in, into dynamic's valid

Jim.
Download attachment "JtR-bleeding-regen-lost-salts-rewrite.patch" of type "application/octet-stream" (55248 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.