Date: Thu, 6 Apr 2006 12:16:31 +0200 (CEST)
From: rembrandt@...erlin.de
To: john-users@...ts.openwall.com
Subject: Re: SYSKEY, John "Pro"


> Rembrandt,
>
> Your postings start to sound more and more like rants rather than
> suggestions, constructive criticism, etc.  This is up to you as long as
> we're on topic and the postings are informative to other john-users
> subscribers, but you could want to stop for a moment and think whether
> this is really the impression you want to make.

I'm tired... but need to keep up *******...

> On Thu, Apr 06, 2006 at 07:22:45AM +0200, rembrandt@...erlin.de wrote:
>> I can't find anything about LC cracking Syskey anymore even I remember
>> that I did it because I tried it out....
>> I really run a bruteforce against Syskey even I got a warning that it's
>> maybe useless at all....
>
> Well, for now I'll assume that you don't remember correctly.

I would really SWEAR that I had such a Version.... crazy.

>> > (bkhive is not _that_ system-specific - it makes sense to run it on
>> > non-Windows; but pwdump is.)
>
> So by the "system-specific features" I was referring primarily to
> pwdump-like functionality - which you had also mentioned.

Yes but pwdump isn't system-specific.
Windows NT 4.0 isn't Windows XP even the applications can run on XP too.

Windows 98 (PWL-Files) and Windows NT are two different Designs.
So implementing pwdump-like functionality would work for NT
4.0,2k,XP,Svr2000 and svr2006 (even in 64Bit, the filedesign didn't
change as far as I know).
The only difference: On Windows NT 4.0 you had to enable syskey, on 2k and
newer it's enabled by default.

> Yes, they're similar in this respect.

*PUSH that Idea into maintree*

> I'm not sure what you mean.  There is "unshadow" in the official DOS
> build of John 1.7.0.1.

Sorry.. I should..update my DOS-Tools sometimes. :-(
But when do you run a DOS-Tool today...

>> Why shouldn't there be an "unsyskey" for Sam-Files?
>
> I am not saying there shouldn't be one.  I am unsure whether there
> should be one.  One of the reasons for this uncertainty is that such
> "unsyskey" is likely to require further maintenance by someone who
> "does" Windows - as file formats change.

I commented it above. The file-design didn't change as far as I know. Nt
4.0 -> Svr2003 -> All the same. I suspect even in Vista it's the same but
I didn't get a Beta. I had to delete the ISO to get some storage-capacity
to rip some DVDs (It's really awesome how many moviecompanies include
rootkits..) to prevent damage.

> This is somewhat similar to "unafs" (which also processes binary files
> of software which I don't use myself), but worse.

I understand... but unafs is in the tree, isn't it?

>> > I am considering making a "Pro" version of John, distributed primarily
>> > as pre-built native packages for specific popular systems (Windows,
>> > Linux, maybe Solaris, maybe Mac OS X) where such features could be
>> > included.  The same goes about adding a GUI.  This version, if ever made
>> > and maintained, would likely be non-free or not completely free (at
>> > least not in the GNU sense).  I would actually pay money for development
>> > and maintenance of the GUI - I wouldn't want to spend my very own time
>> > on that.

C and GTK2 will be your friends...
Or QT even I dislike it...

>> Free is free like a BSD and nothing else...
>
> Well, under that definition, John is already not free - because it is
> GPL'ed.

Correct and would you give me the latest john-src and permissions for a
BSD-License I would use this. ;-D

>> Going closed-src is not a solution in my opinion.
>
> I am unsure whether the "Pro" (a marketing word) flavor of John, if one
> is ever made, would be open or closed source yet.  In fact, I don't
> think this matters much to the target users of this flavor (they don't
> need the source code) or to others (they don't need this flavor).

Well be truthly! I would find it AWESOME if John would show me the already
cracked characters of Windows passwords because then I could GUESS or even
just figure out if somebody read the guideline for "secure PWs" or not...

> One thing I am certain of is that this would not have any negative
> effect on the existing John the Ripper project, which would continue
> to evolve.  The expected effect is positive.

Correct...
I mean if you would include everything from the PRO also in the normal
John nobody would maybe buy the "PRO"-Variant.....
But IF you make a difference you're not better than Nessus :-/

>> If you wanna earn money: Just tell that clearly...
>
> Indeed, that's one of the primary objectives - but not the only one.

That's not bad but couldn't this be done during e.g. support contracts?!

> There are indirect profits and costs associated with free software (in
> the GNU or BSD license sense) as well.  So I am already earning money
> with software such as John and I also have related expenses (primarily
> lost profit off other work I am not doing or paying others to do while
> I am working on John or writing this message).

I know the most stuff (costs). At least I hope I am able to figure them out.
Well LZMA and Torrents may be able to reduce your costs.
And I think it's not too much (even for Windows users) to download a
decompressor if you point out that they'll need e.g. 7Zip (which can handle
lzma). But there are other costs for sure.. but if you pay for the bandwidth
which is used this could maybe help....

*OT*
The ssh-Project (in fact oBSD) needs some money...
Would be neat to read Openwall on the list of supporters... ;-)))
*/OT*

> I see nothing wrong with earning money if the overall effect this has on
> the project is neutral or positive.  With this, I expect a positive
> effect for both John (the existing Open Source project) and Openwall's
> other projects.  Openwall, Inc. is already paying for some work on Owl
> (all of which is Open Source) out of profits we make off other
> activities.  If you look at the Owl changelog between 1.1 and 2.0,
> you'll notice that it's been 2 years, yet half of the changes were made
> in the last 6 months.

Sorry I won't start a flamewar. Linux has a place... even I don't use it.
And even OpenBSD isn't the best choice for everybody.
I respect your work and commits to the Linux-Kernel, I really do. I just
think sometimes you play on the wrong camp...
You spend a lot of time to find some bugs (after all others took a look..)
in the Linux-Kernel even Linux still crashes if it gets a PING...

If it's time what you need you maybe hack the wrong Kernel or the wrong OS.
But OwL was once called "the only sane Linux"..... so maybe you're also
absolutely right there. :-)

> Another reason to possibly branch the code is to not pollute the Open
> Source portable John with code for features that would only be needed in
> "Pro", and to make it easier to develop that "Pro" (yes, this could mean
> lower code quality there - it would not need to be as portable or
> generic - instead, it would need to be well-tested for particular target
> platforms).

Which stuff IS OS-related? Sure AltiVec-Support is (even the new
Pentium-CPUs have a similar SSE-Engine now).
But do you really think an Admin using a MAC isn't interested into cracking
the PWs of the Windows-Boxes he also maintains? or an Admin on a freaky
OpenBSD isn't interested to crack the PWs of a Linux which uses DES?
Sure the assembly is different... so speedups with specific assembly are
the only case I can count as "OS"-Specific. And there you wanna have lower
quality? ;))) *joking*


> I would be more comfortable with implementing all sorts of hacks that
> people demand in "Pro".

So you've to recode all submitted Patches....

> An example would be built-in and fully
> automated cracking of the case of characters with NTLM hashes as LM ones
> are cracked.  This goes against the current program structure of John,
> so I'd hesitate to add it until/unless I find a way to implement that
> elegantly.

I see that a lot of beers will be needed to solve this problem...

> For "Pro", especially a closed-source one (or with almost
> noone caring about the source code, even if it's available), that would
> be a non-issue.

Hm..
As far as I know does the GOV care for Src. At least my Gov cares...

>> But who the fuck wanna have a GUI if the cmd-line works perfectly?
>
> Some people working for some companies and .gov's do.

I'm sure they're the same guys who needed a GUI for carnivore (which looks
really fuc*** up ;-D).
A good GUI can improve stuff a lot, that's true. At least for an overview...

>> Or do you plan to fill the empty space @stake and LC left?

> That would be great for John and for our other projects - and for me
> personally - but I'm afraid it's a little bit too late for that.

It's not too late...

> Also, John has been and will remain quite different from LC.  It's the
> cross-platform functionality which many of John users appreciate it for.

Long time ago LC was also portable...

> I would share your feeling, except that I realize that there would be no
> demand for "Pro" on OpenBSD anyway - and that's not because of licensing
> issues.

Correct.. because there's no admin using OpenBSD...
Or are there simply no admins who use OpenBSD and other OSs in their
network? ;-)
So why do you think a PRO wouldn't be needed for OpenBSD, FreeBSD or QNX?

> I will definitely continue supporting OpenBSD in the main branch of John.

How? My Opteron still waits for you if you need to do some assembly... ;)

>> Fyodor got a GUI for free.. don't you think you'll find somebody who
>> codes it....?
>
> There have been a few - I can recall two - GUIs for JtR developed by
> others.

Call for a C+GTK2/QT4 Gui...

> Yes, there's a small but not negligible chance that I could find a
> volunteer who would do it well.  I would also need to put quite some of
> my time into it for the proper integration.

Yes... but if you would use an oBSD base for OwL you would have maybe more
time for hacking this stuff than fixing DoS *sarcasm* ;-)

> But what for?  Didn't you just say that the command-line John works
> perfectly?

> The GUI is precisely for those companies and .gov's willing to pay.  So
> I can pay, too, to deliver a "commercial quality application" that they
> expect, even if its source code is not pretty. ;-)

Commercial quality.. like Windows? Like MS Office? Like OpenOffice? Like
CISCO-BGP-Routers?! Like Carnivore..? Uhm... how much do I've to pay to
get some "hacked quality"? ;-))

> On the other hand, a properly integrated GUI can in fact be of _some_
> use even to experienced users of John - but once again, primarily to
> those who do this for w$rk.

There's no difference for me in the work of an admin, a penetration-tester
or a "hacker". Maybe the last one works the most hours a day to have
success...

>> If you decide to make John closed source
>
> Noone is talking about winding down the existing John the Ripper, an
> Open Source project.  On the contrary, I'd expect it to evolve faster.
>
> But I am repeating.

I just remember Nessus..... the "uberawesome" Version 3 *grml*

>> another idol dies...
>
> Is John the Ripper your idol, or did you make an idol out of myself?..
>
> Either way, I am just a human being, and John the Ripper is just a fun
> project, a useful program, etc.  Please don't make idols.  This results
> in your attitude being religious rather than rational.

Hehe... well would you stop submitting Patches to div. Projects to make me
stop believing in your work? ;-)))
Maybe Idol was the wrong word ("lost in translation..").
It's more.. that: I respect your work very much... (at least the
Fun-Project..) ;)

> If you're all for software freedom, then why are you for an equivalent
> of software patents? ;-)

*hehe* ,)

> Similarly, if you favor BSD license over GPL, then why are you against
> closed-source derivative versions?  (This is something which BSD permits
> and GPL does not - except for copyright holders.)

That is correct. As I said: I just remember Nessus.
Linux, FreeBSD, MacOS... wow...
Well I use OpenBSD.... so it became completely unusable (and no I won't use
Linux-Emul nor fBSD-Emul). ;)

> I feel that you're being illogical here.

Maybe I simply just fear that John walks the same way....

> And it has not been made yet.  I might simply not have the time, even if
> I would expect a financial return, although this does make it a little
> bit easier to find the time.

I'm sure you'll make a decision. :)

Kind regards,
Rembrandt
