Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4F2866DE.3070204@sysroot.eu>
Date: Tue, 31 Jan 2012 23:10:38 +0100
From: Claudio Broglia <xeon@...root.eu>
To: john-dev@...ts.openwall.com
Subject: Re: Adding a new format

Il 29/01/2012 18:00, magnum ha scritto:
> On 01/29/2012 04:34 PM, Claudio Broglia wrote:
>> Hello,
>> I want to add a new hash format to John. I'm having some difficulties
>> trying to understand how all the binary(), crypt_all(), get_hash() and
>> similar functons wrap up together, and I can't seem to find
>> documentation around.
>> If there is, could you point me to some guide?
> There are some comments in formats.h. This together with a simple format
> like rawSHA256_fmt.c should get you started.
>
> magnum
>
Thanks for the hints, anyway I was already looking into it.
Until now, I've roughly figured out how they work together, but
something it's still missing in the picture :)

Here are a call dump from a single hash:
-- loading phase --
nds_valid(): ciphertext=...
nds_binary(): ciphertext=...
binary_hash_4()
nds_salt(): ciphertext=...
Loaded 1 password hash (...)

-- testing phase --
nds_valid(): ciphertext=* 
nds_valid(): ciphertext=...
nds_binary(): ciphertext=...
nds_salt(): ciphertext=...
nds_set_salt()
nds_set_key()
nds_crypt_all(): count=1
get_hash_0()
binary_hash_0()
get_hash_1()
binary_hash_1()
get_hash_2()
binary_hash_2()
get_hash_3()
binary_hash_3()
get_hash_4()
binary_hash_4()
get_hash_5()
binary_hash_5()
get_hash_6()
binary_hash_6()
nds_cmp_all(): count=1
nds_cmp_one(): index=0
nds_cmp_exact()

-- cracking phase --
...
nds_set_key(): key=mace55 index=0
nds_crypt_all(): count=1
nds_cmp_all(): count=1
...


My questions are:
- what are needed for the binary_hash() and get_hash() functions? From
the testing phase, I supposed they were needed to speedup comparison,
but they aren't used during the cracking phase.
- what is the meaning of the call, in the auto test phase, to
nds_valid() with ciphertext parameter set to "*"?
- would you suggest to crypt many keys at every pass, to gain speed, or
to stick with MAX_KEYS_PER_CRYPT set to 1?
- the hash format I'm adding uses only uppercase passwords. In which way
would you suggest to handle this? For example, converting to uppercase
the keys given in input to nds_set_key()? I'm sure there's a better way
to do it...

Many thanks for every suggestion

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.