Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Nov 2007 09:49:00 +0100
From: Simon Marechal <>
Subject: Re: bitslice implementation of ORACLE hash cracking

Solar Designer a écrit :
> On Sun, Nov 11, 2007 at 07:38:02PM +0000, Larry Bonner wrote:
>> the algorithm (after looking at Simon Marechal's patch) is roughly..
> BTW, Simon, I don't recall - is there a reason why this stuff is not in
> the jumbo patch?  Would you submit a patch suitable for merging into the
> jumbo patch?

No specific reason except that I do not believe the half-assed ciphers I 
added are worth the work. As you'll see it's very slow and would 
tremendously be sped up by proper buffering / use of the bitsliced code. 
I never did this because 99% of oracle passwords seem to be equal to the 
login ...

As always it *seems* to work (like the salted ldap one seemed to work, 
but really did not :) on my computer, and was intended as a test of the 
reverse work behind the "rediscovery" of this algorithm.

My "current" tree has all the up to date data needed for an up to date 
creation of the jumbo patch, at 
It also should not give much work to the patch compiler as it's almost 
always one more _fmt.c file, slights changes in john.c/options.c and a 
few loader.c hacks.

There is also the "markov" mode which I found to be very effective on 
french passwords, and "solves" some of the problems related to cracking 
long passwords.

Download attachment "" of type "application/x-gzip" (7925 bytes)

To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.