Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 30 Sep 2012 08:02:43 -0700 (PDT)
From: NeonFlash <psykosonik_frequenz@...oo.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: WebEdition CMS

I would love to test various configurations for this format as well, but can anyone tell me why wouldn't the hashes load for me?

syntax 1: john -w:wordlist.txt -fo=dynamic_1011 webedition.txt

error: Unknown ciphertext format name requested

syntax 2: john --subformat=dynamic_1011 -w:wordlist.txt webedition.txt

error: No password hashes loaded (see FAQ)

syntax 3: john -w:wordlist.txt webedition.txt

error: No password hashes loaded (see FAQ)

configuration from dynamic.conf file:

[List.Generic:dynamic_1011]
Expression=md5($p.md5($s)) (WebEdition CMS)
Flag=MGF_SALTED
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_salt
Func=DynamicFunc__crypt_md5
Func=DynamicFunc__clean_input2
Func=DynamicFunc__append_keys2
Func=DynamicFunc__append_from_last_output_to_input2_as_base16
Func=DynamicFunc__crypt_md5_in2_to_out1
Test=$dynamic_1011$e82bf09e8a1899d4c3d00a3f380d5cdb$SXB:openwall
Test=$dynamic_1011$c0e024d9200b5705bc4804722636378a$admin:admin
Test=$dynamic_1011$14f8b3781f19a3b7ea520311482ce207$openwall:openwall

Question #1: Do I need to add this configuration to dynamic.conf or john.ini file?

Now, I added to john.ini and these are the error messages I receive:

Error, unknown function:  Func=DynamicFunc__crypt_md5
Error parsing section [List.Generic:dynamic_1011]
Error in line 698 file is john.ini

Any help would be appreciated.

Thanks.



________________________________
 From: "jfoug@....net" <jfoug@....net>
To: john users <john-users@...ts.openwall.com> 
Sent: Sunday, September 30, 2012 7:41 PM
Subject: Re: [john-users] WebEdition CMS
 
Works code worked for me. Likely you missed the extra flag value. That value is VERY important.  What that flag does is when the file is being loaded, it takes the salt, performs a MD5 on it, then takes that base-16 results, and uses THAT value as the salt.  In other words, it precomputes the md5($s) one time, and then you simply append that value where you need it from that point on, thus cutting down the number of MD5 crypt calls in your inner loop.

This is one KEY line, you may have not copied into your format:

Flag=MGF_SALT_AS_HEX


Here are some quick/dirty timings for this format (note 1012 on my test was my 1 MD5 script)

Original
$ ./john -test=5 -form=dynamic_1011
Benchmarking: dynamic_1011 md5($p.md5($s)) (WebEdition CMS) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts:     5702K c/s real, 5719K c/s virtual
Only one salt:  4827K c/s real, 4827K c/s virtual


Using MGF_SALT_AS_HEX
$ ./john -test=5 -form=dynamic_1011
Benchmarking: dynamic_1011 md5($p.md5($s)) (WebEdition CMS) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts:     9256K c/s real, 9256K c/s virtual
Only one salt:  6678K c/s real, 6789K c/s virtual


Hotice how the 'many salts' speed gets quite a bit bigger performance boost with this model. This is due to the salt itself now being pretty long (32 bytes).  In the 'Many salts' test, there is less memory copying happening with the salt.

But you can see precomputing the salt make a pretty large boost to speed.

Jim.


On Sun, Sep 30, 2012 at 8:31 AM, Dhiru Kholia wrote:

> On Sun, Sep 30, 2012 at 5:07 PM,  <jfoug@....net> wrote:
>> Simply looking at that format script, I believe it would work fine. There is
>> also ways a username can be used directly within dynamic instead. However,
>> since anyone using this would be fabricating the JtR input file, putting the
>> username into a salt field would be just as easy as putting into the
>> username field when building the file.
> 
>> Also, if a salt is used vs the username within dynamic, then there is a nice
>> optimization that can be used to double the speed of the format. If you
>> notice the base-16 MD5 of the salt (user name), is a static string. This can
>> be pre-computed at load time, and done only once. This reduces the MD5 calls
>> from 2 to 1 per password/salt trial.
> 
> Jim,
> 
> I have tried to implement what you said,
> 
> MySQL [webedition]> select username,md5(username),passwd,UseSalt from
> tblUser where username="openwall";
> 
> +----------+----------------------------------+----------------------------------+---------+
> | username | md5(username)                    | passwd
>           | UseSalt |
> 
> +----------+----------------------------------+----------------------------------+---------+
> | openwall | f2df0ddd3129c68b1ae7be05779ebeb3 |
> 14f8b3781f19a3b7ea520311482ce207 |       1 |
> 
> +----------+----------------------------------+----------------------------------+---------+
> 
> ####################################################################
> # DYNAMIC type for WebEdition CMS md5($p.PMD5(username))
> # > select md5(username),passwd,UseSalt from tblUser
> # PMD5(username), pre-computed md5 of username is salt
> ####################################################################
> [List.Generic:dynamic_1012]
> Expression=md5($p.PMD5(username)) (WebEdition CMS)
> Flag=MGF_SALTED
> Flag=MGF_SALT_AS_HEX
> Func=DynamicFunc__clean_input
> Func=DynamicFunc__append_keys
> Func=DynamicFunc__append_salt
> Func=DynamicFunc__crypt_md5
> 
> Test=$dynamic_1012$14f8b3781f19a3b7ea520311482ce207$HEX$f2df0ddd3129c68b1ae7be05779ebeb3:openwall
> 
> However it fails self-test,
> 
> Benchmarking: dynamic_1012 md5($p.PMD5(username)) (WebEdition CMS)
> [128/128 SSE2 intrinsics 10x4x3]... FAILED (get_hash[0](0)
> 
> Any tips to get it working?
> 
> -- Cheers,
> Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.