====== Contributed patches for John the Ripper ====== This is the page and DokuWiki namespace to **upload** unofficial JtR patches to (yes, the wiki supports file uploads). Please do. Links to external websites with JtR patches are also acceptable. Significant updates to this wiki page (such as newly added patches) are to be announced on the [[http://www.openwall.com/lists/john-users/|john-users mailing list]] (in addition to updating the wiki page, //not// instead of that). Truly obsolete patches have been moved to the [[patches_old|patches_old wiki page]]. Whatever way you choose to share your code with the community, please make sure you're [[:how-to-make-patches|generating your patches properly]] and [[licensing|licensing your code properly]]. The difference from the "contributed resources" list on the [[http://www.openwall.com/john/|JtR homepage]] and the [[ftp://ftp.openwall.com/pub/projects/john/contrib/|contrib/ FTP directory]] is that patches and links found on the wiki become available to the community right away, without review by Openwall website and FTP server maintainers. Please refer to these [[how-to-extract-tarballs-and-apply-patches|instructions on how to apply patches]]. ===== Patches included in the latest Jumbo patch (Currently jumbo patch 6 for 1.7.6)===== ^ Patch ^ Author ^ Status/Description ^ | {{john:john-1.7.3.1-generic-crypt-1.diff.gz|generic crypt(3) support}} | [[:people/solar|Solar Designer]] | Status: integrated into 1.7.6+. \\ Normally, JtR uses its own optimized crypto code, but this patch lets it also use the underlying Unix-like system's crypt(3) function. This is particularly useful for [[http://www.openwall.com/lists/john-users/2009/09/02/3|cracking glibc 2.7+ "SHA-crypt" hashes (such as on recent Fedora and Ubuntu)]] until proper "native" support for that is implemented. [[http://www.openwall.com/lists/john-users/2010/02/08/1|Other uses]] are possible as well. | | [[http://rycon.hu/tools/john-1.7.2-MYSQL_fast-2.diff|MySQL(323)-old fast algorithm for 1.7.2]] | Balázs Bucsay | Status: integrated into jumbo patch | | [[http://rycon.hu/tools/john-1.7.3.1-rawMD5_fast-3.diff|raw-MD5 fast algorithm for 1.7.2]] | Balázs Bucsay | Status: integrated into jumbo patch | | [[http://kb.sted.ca:8000/export/241/patches/trunk/jtr-oracle11/john-1.7.2-oracle11.patch|Oracle 11g for 1.7.2]] | Alexandre Hamelin | Status: integrated into jumbo patch | | [[http://kb.sted.ca:8000/export/243/patches/trunk/jtr-oracle11/john-1.7.3.1-oracle11.patch|Oracle 11g for 1.7.3.1]] | Alexandre Hamelin | Status: integrated into jumbo patch | | {{:john:john-1.7.3.4-jimf-after-jumbo-2.diff.gz|JimF patch for 1.7.3.4-jumbo-2}} | JimF | Status: integrated into 1.7.4-jumbo-2 and above. \\ \\ Rollup of all JimF's released patches, with a significant update to generic md5.\\ \\ **This patch should be run on a clean 1.7.3.4 which has had the 1.7.3.4-jumbo-2.diff run.**\\ \\ Included in the patch are:\\ \\ Performance Patch\\ -- Memory file\\ -- Larger hash tables\\ -- Less file IO\\ MinGW and VC porting / #defines\\ Many new options\\ -- Added an optional [=Section] to -single and -rules\\ -- Added an optional [=left] to -show (outputs the hashes uncracked)\\ -- Added an optional [MAX] to the -salt\\ -- Added new option -salt-list=\\ -- Added new option -pot=potfile\\ -- Added new option -nodupes\\ -- Added new option -subformat= (for md5-generic)\\ -- Added new option -field-separator-char=c (allows using a field sep char OTHER than the colon : char\\ MD5 'Generic' processing\\ -- 17 builtin's and running as fast as 'native' formats\\ -- 'hooks' provided so other formats can become VERY thin, and use generic md5.\\ --- phpass format is now 'thin' and linked to gen-md5 code\\ --- PHPS format is now 'thin' and linked to gen-md5 code\\ --- there are others which could be linked, but right now, only these 2\\ -- Formats CAN now be added, without changing john's code\\ --- new formats (over md5_gen(1000) are added to john.conf\\ --- there are many examples in the updated john.conf, along with FULL documentation\\ --- a new file doc\MD5_GENERIC documents how to use generic md5\\ the -v2 of this patch\\ -- 'fixes' a bug that did not allow MMX to work in generic md5\\ -- Improves speed of md5_gen(12) and md5_gen(13)\\ -- fixes a compile warning in wordlist.c\\ -- fixes benchmark discrepancy in phpass | | {{john:filter_for_mkv.diff|Add filter support for markov mode}} | Bartavelle | Status: [[http://www.openwall.com/lists/john-users/2010/03/02/2|revised and merged into 1.7.5-jumbo-2 and above]] | | [[http://www.foofus.net/jmk/tools/jtr/john-1.7.5-jumbo-2-jmk-oracle.diff.gz|Oracle -show Fix for 1.7.5-jumbo-2]] | jmk | Status: merged into 1.7.5-jumbo-3 and above. Patch is against John 1.7.5 with Jumbo-2. \\ john -format:oracle -show doesn't show previously cracked passwords. This patch fixes that issue. | | [[http://www.foofus.net/jmk/tools/jtr/john-1.7.5-jumbo-2-jmk-net.diff.gz| NetLM/NTLM documentation, --config option, netntlm.pl update for 1.7.5-jumbo-2]] | jmk | Status: merged into 1.7.5-jumbo-3 and above. Patch is against John 1.7.5 with Jumbo-2. \\ This patch includes documentation for the challenge/response formats (i.e. NetLM, NetNTLM, NetLMv2 and NetNTLMv2). The netntlm.pl script has been updated based on feedback from the mailing list. This script aids with cracking challenge/response hashes where the first part of the password is known (e.g. from Rainbow Tables). It also adds a "--config" option to john, which is needed for the netntlm.pl script. | | [[http://www.foofus.net/jmk/tools/jtr/john-1.7.5-jumbo-3-netv2-fix.diff|NetLMv2/NetNTLMv2 update for 1.7.5-jumbo-3]] | jmk | Status: merged into 1.7.6-jumbo-2 and above. Patch is against John 1.7.5 with Jumbo-3. \\ This patch fixes a bug which can be encountered when dealing with long client challenges (e.g. the result of Windows 7 -> Windows 7 SMB2 authentication). It also fixes LMv2 bruting for non-uppercase domains and allows for DOMAIN\USER-style account names. | | {{john:john-1.7.6-jumbo-3-krb5-2.diff.gz| krb5}} |?| Status: integrate into jumbo patch \\ Not sure what this does exactly| | {{john:john-1.7.6-single-have_words-fix-1.diff.gz| Single have words fix}} |?| Status: unknown \\ Not sure what this does exactly | ===== Patches not included in the latest Jumbo patch ===== ^ Patch ^ Author ^ Status/Description ^ | {{john:john-1.7.6-fast-des-key-setup-3.diff.gz|Faster bitslice DES key setup for JtR 1.7.6}} | [[:people/solar|Solar Designer]] | Status: separate patch (but also integrated into 1.7.6-omp-des-7 above), currently relevant. \\ This patch speeds up LM hashes by a factor of two (e.g., [[http://www.openwall.com/lists/john-users/2010/07/03/1|17.5M c/s with clean 1.7.6 improves to 39M c/s as seen on "john --test" on a Core i7 920 2.67 GHz]]), but it requires SSE2 and a recent version of gcc (e.g., it works well with [[:internal/gcc-local-build|4.5.0]], but results in horrible performance with 3.4.5). Only tested with the linux-x86-64 make target, but it //might// also work with other -x86-64 and -x86-sse2 targets. | | {{john:john-1.7.5-jumbo-3-md5intrinsics.diff.gz|MD5 crypt written in SSE intrinsics}} | Bartavelle | Status: separate patch, currently relevant. \\ This includes MD5 crypt SSE intrinsics for 64 bit architectures, and targets for clang and icc. This is a git patch, to be applied over the jumbo patch, and it is not formatted as expected. | | [[http://www.foofus.net/jmk/tools/jtr/john-1.7.6-jumbo-5-jmk-mschapv2.diff|MSCHAPv2 patch for 1.7.6-jumbo-5]] | jmk | Status: separate patch, currently relevant. Patch is against John 1.7.6 with Jumbo-5 (but will apply after jumbo 6 patch just fine). \\ This patch add support for bruting MSCHAPv2 challenge/response sets exchanged during network-based authentication attempts.| | {{john:john-1.7.6-jumbo-6-config.diff| Fixes in --config setting}} |jmk| Status: separate patch, currently relevant. \\ This fixes a problem with the "--config" option. (It always returned an "Invalid options combination or duplicate option" error) | ===== Parallel and Distributed Processing Patches ===== ^ Patch ^ Author ^ Status/Description ^ | {{:john:john-1.7.3.1-mpi10.patch.gz|mpi10 patch for 1.7.3.1}} | RB | Status: separate patch, currently relevant. \\ Latest stripped version of bindshell.net MPI patch. | | {{:john:john-1.7.5-mpi10.patch.gz|mpi10 patch for 1.7.5}} | magnum | Status: separate patch, currently relevant. This is just the same as above after hand-editing the rejects | | {{john:john-1.7.6-omp-des-7.diff.gz|Parallelization of bitslice DES with OpenMP, revision 1.7.6-omp-des-7}} | [[:people/solar|Solar Designer]] | Status: separate patch, currently relevant. \\ This is a quick and really dirty yet successful attempt at parallelizing JtR's bitslice DES code with OpenMP directives (requires [[:internal/gcc-local-build|gcc 4.2+ or the like]]). Only tested with gcc 4.5.0 and the linux-x86-64 make target, currently unconditionally uses SSE2 intrinsics. [[http://www.openwall.com/lists/john-users/2010/07/03/1|Provides good performance for traditional DES-based crypt(3) hashes in both the multi-salt and single salt cases, and even better (vs. non-patched) for BSDI-style crypt(3) hashes (since those are slower), and provides some speedup for LM hashes (albeit mostly due to the improved DES key setup (see separate patch below) rather than due to parallelization).]] | | {{john:john-1.7.6-omp-des-4.diff.gz|Parallelization of bitslice DES with OpenMP, revision 1.7.6-omp-des-4}} | [[:people/solar|Solar Designer]] | Status: separate patch, currently relevant. \\ This is a quick and really dirty yet successful attempt at parallelizing JtR's bitslice DES code with OpenMP directives (requires [[:internal/gcc-local-build|gcc 4.2+ or the like]]). Only tested with gcc 4.5.0 and the linux-x86-64 make target (but might work on other platforms). [[http://www.openwall.com/lists/john-users/2010/06/30/2|Provides good performance for traditional DES-based crypt(3) hashes in the multi-salt case, and even better (vs. non-patched) for BSDI-style crypt(3) hashes (since those are slower), but usually does not provide a speedup for LM hashes (too much overhead, key setup not parallelized).]] | | {{john:john-1.7.5-omp-3.diff.gz|Parallelization of bcrypt with OpenMP}} | [[:people/solar|Solar Designer]] | Status: integrated into 1.7.6+. \\ [[http://www.openwall.com/lists/john-users/2010/05/08/1|Parallelize computations of Blowfish-based crypt(3) hashes over multiple CPUs (or CPU cores) with OpenMP (recent gcc, Sun Studio cc).]] | | {{:john:john-1.7.6-fullmpi8-after-jumbo3.diff.gz|FullMPI for 1.7.6}} | magnum | Status: separate patch, currently relevant. This is version 8. Apply after jumbo-3. \\ This adds support for all cracking modes. See [[http://www.openwall.com/lists/john-users/2010/03/09/2 | mailing list announcement]] | ===== Misc Patches ===== ^ Patch ^ Author ^ Status/Description ^ | {{john:md5_gen_test_data-3.zip|Test data for Generic MD5}} | JimF | Status: currently relevant for testing of jumbo patch revisions. \\ (v3, Oct 27, 2009) Test data, and pw.dic file containing all passwords for the test cases. There is a test case for raw-md5, and for md5_gen(0) to md5_gen(15). Each when run through john should find all 1320 passwords. The salted hashes only have 66 unique passwords (but multiple hashes). The non-salted hashes use all 1320 passwords out of the password list file (v2 test data added md5_gen(17) phpass, and 'native' phpass format. v3 added 1 salt md5_gen(6)) | [[http://www.openwall.com/lists/john-users/2009/07/09/5|Yes, I'd like people to start using this wiki page to publish their patches.]] The above is just not enough, with most patches being submitted by other means (which is fine) and no mention on this page (which is //not// fine). - [[:people/solar|solar]] Also, there's a page on [[john:parallelization|existing efforts to introduce parallel processing and distributed processing into JtR]]. Back to [[:john]].