Date: Tue, 15 Jun 2010 09:19:22 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: 1.7.6-jumbo-2 Hi, I've updated the jumbo patch to John the Ripper 1.7.6. I started with a mere update to the new version, resulting in john-1.7.6-jumbo-1. This revision of the patch was shortly moved to historical/ (where it can be found now), replaced by 1.7.6-jumbo-2. http://www.openwall.com/john/#contrib http://download.openwall.net/pub/projects/john/contrib/historical/ 1.7.6-jumbo-2 integrates jmk's john-1.7.5-jumbo-3-netv2-fix.diff from: http://www.openwall.com/lists/john-users/2010/05/14/1 It also fixes a number of other issues with contributed code that I had integrated previously. Specifically, "make generic" should work again (it does for me), which was broken with JimF's changes. Also, I've changed the default for --fix-state-delay to be 0 (disabling this optimization), because a higher default resulted in an interrupted and restored session re-doing a lot of work (even if interrupted cleanly!) when cracking slow and salted hashes. Those of you cracking raw MD5 hashes and the like with large wordlists may specify this option with a non-zero argument explicitly (the old default was 64). Besides the fixes, I've integrated the following old contributions: john-1.6.krb4.patch-3.gz, john-1.6.skey.patch-1.gz (these two were contributed in 1999-2000 by Dug Song), john-1.7-digestmd5-1.diff.gz (contributed in 2006 by regenrecht), and Perl scripts from john-1.6-nsldaps4.diff.gz (the C code from this patch was already integrated). The Kerberos v4 TGT module, after my updates for compatibility with OpenSSL 0.9.7+, should be actually functional - at least it builds cleanly and the tests pass. Also, the tgtsnarf program gets built just fine. I imagine that it'll fail to build on some of the systems otherwise supported by JtR, though, because it is the only one in JtR that makes use of sockets. The S/Key module, as integrated, is completely untested. To enable it, add/uncomment -DHAVE_SKEY and -lskey in the Makefile, then build and test on a system with the S/Key library (perhaps a *BSD). The DIGEST-MD5 authentication module is poorly implemented, but I decided to integrate everything that I could anyway, so it finally got in. It requires that the authentication data to attack be specified right in DMD5_fmt.c at compile-time. This module specifies no tests, hence it is excluded from the benchmarks/testing by default (and it fails the test with "no data" if forced). As usual, any feedback is welcome. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.