Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20120629092230.GA30739@openwall.com>
Date: Fri, 29 Jun 2012 13:22:30 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: 1.7.9-jumbo-6

All -

Here's a draft of the change list that I think is far more suitable for
the announcement than CHANGES-jumbo was.  Please take a look and let me
know ASAP if you spot any errors or crucial omissions.  Thanks.

---
Direct code contributors to 1.7.9-jumbo-6 (since 1.7.9-jumbo-5), by
commit count:

magnum
Dhiru Kholia
Frank Dittrich
JimF (Jim Fougeron)
myrice (Dongdong Li)
Claudio Andre
Lukas Odzioba
Solar Designer
Sayantan Datta
Samuele Giovanni Tonon
Tavis Ormandy
bartavelle (Simon Marechal)
Sergey V
bizonix
Robert Veznaver
Andras

New non-hashes:
* Mac OS X keychains [OpenMP]  (Dhiru)
  - based on research from extractkeychain.py by Matt Johnston
* KeePass 1.x files [OpenMP]  (Dhiru)
  - keepass2john is based on ideas from kppy by Karsten-Kai Koenig
    http://gitorious.org/kppy/kppy
* Password Safe [OpenMP, CUDA, OpenCL]  (Dhiru, Lukas)
* ODF files [OpenMP]  (Dhiru)
* Office 2007/2010 documents [OpenMP]  (Dhiru)
  - office2john is based on test-dump-msole.c by Jody Goldberg and
  OoXmlCrypto.cs by Lyquidity Solutions Limited
* Mozilla Firefox, Thunderbird, SeaMonkey master passwords [OpenMP]  (Dhiru)
  - based on FireMaster and FireMasterLinux
    http://code.google.com/p/rainbowsandpwnies/wiki/FiremasterLinux
* RAR -p mode encrypted archives  (magnum)
  - RAR -hp mode was supported previously, now both modes are

New challenge/responses, MACs:
* WPA-PSK [OpenMP, CUDA, OpenCL]  (Lukas, Solar)
  - CPU code is loosely based on Aircrack-ng
    http://www.aircrack-ng.org
* VNC challenge/response authentication [OpenMP]  (Dhiru)
  - based on VNCcrack by Jack Lloyd
    http://www.randombit.net/code/vnccrack/
* SIP challenge/response authentication [OpenMP]  (Dhiru)
  - based on SIPcrack by Martin J. Muench
* HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512  (magnum)

New hashes:
* IBM RACF [OpenMP]  (Dhiru)
  - thanks to Nigel Pentland (author of CRACF) and Main Framed for providing
  algorithm details, sample code, sample RACF binary database, test vectors
* sha512crypt (SHA-crypt) [OpenMP, CUDA, OpenCL]  (magnum, Lukas, Claudio)
  - previously supported in 1.7.6+ only via "generic crypt(3)" interface
* sha256crypt (SHA-crypt) [OpenMP, CUDA]  (magnum, Lukas)
  - previously supported in 1.7.6+ only via "generic crypt(3)" interface
* DragonFly BSD SHA-256 and SHA-512 based hashes [OpenMP]  (magnum)
* Django 1.4 [OpenMP]  (Dhiru)
* Drupal 7 $S$ phpass-like (based on SHA-512) [OpenMP]  (magnum)
* WoltLab Burning Board 3 [OpenMP]  (Dhiru)
* New EPiServer default (based on SHA-256) [OpenMP]  (Dhiru)
* GOST R 34.11-94 [OpenMP]  (Dhiru, Sergey V, JimF)
* MD4 support in "dynamic" hashes (user-configurable)  (JimF)
  - previously, only MD5 and SHA-1 were supported in "dynamic"
* Raw-SHA1-LinkedIn (raw SHA-1 with first 20 bits zeroed)  (JimF)

Alternate implementations for previously supported hashes:
* Faster raw SHA-1 (raw-sha1-ng, password length up to 15)  (Tavis)

OpenMP support in new formats:
* Mac OS X keychains  (Dhiru)
* KeePass 1.x files  (Dhiru)
* Password Safe  (Lukas)
* ODF files  (Dhiru)
* Office 2007/2010 documents  (Dhiru)
* Mozilla Firefox, Thunderbird, SeaMonkey master passwords  (Dhiru)
* WPA-PSK  (Solar)
* VNC challenge/response authentication  (Dhiru)
* SIP challenge/response authentication  (Dhiru)
* IBM RACF  (Dhiru)
* DragonFly BSD SHA-256 and SHA-512 based hashes  (magnum)
* Django 1.4  (Dhiru)
* Drupal 7 $S$ phpass-like (based on SHA-512)  (magnum)
* WoltLab Burning Board 3  (Dhiru)
* New EPiServer default (based on SHA-256)  (Dhiru)
* GOST R 34.11-94  (Dhiru, JimF)

OpenMP support for previously supported hashes that lacked it:
* Mac OS X 10.4 - 10.6 salted SHA-1  (magnum)
* DES-based tripcodes  (Solar)
* Invision Power Board 2.x salted MD5  (magnum)
* HTTP Digest access authentication MD5  (magnum)
* MySQL (old)  (Solar)

CUDA support for:
* phpass MD5-based "portable hashes"  (Lukas)
* md5crypt (FreeBSD-style MD5-based crypt(3) hashes)  (Lukas)
* sha512crypt (glibc 2.7+ SHA-crypt)  (Lukas)
* sha256crypt (glibc 2.7+ SHA-crypt)  (Lukas)
* Password Safe  (Lukas)
* WPA-PSK  (Lukas)
* Raw SHA-224, raw SHA-256 [inefficient]  (Lukas)
* MSCash (DCC) [not working reliably yet]  (Lukas)
* MSCash2 (DCC2) [not working reliably yet]  (Lukas)
* Raw SHA-512 [not working reliably yet]  (myrice)
* Mac OS X 10.7 salted SHA-512 [not working reliably yet]  (myrice)

OpenCL support for:
* phpass MD5-based "portable hashes"  (Lukas)
* md5crypt (FreeBSD-style MD5-based crypt(3) hashes)  (Lukas)
* sha512crypt (glibc 2.7+ SHA-crypt)  (Claudio)
  - suitable for NVIDIA cards, faster than the CUDA implementation above
* bcrypt (OpenBSD-style Blowfish-based crypt(3) hashes)  (Sayantan)
  - pre-configured for AMD Radeon HD 7970, will likely fail on others unless
  WORK_GROUP_SIZE is adjusted in opencl_bf_std.h and opencl/bf_kernel.cl;
  the achieved level of performance is CPU-like (bcrypt is known to be
  somewhat GPU-unfriendly)
* MSCash2 (DCC2)  (Sayantan)
  - with multi-GPU support (even AMD+NVIDIA mix), benefits from OpenMP
* Password Safe  (Lukas)
* WPA-PSK  (Lukas)
* RAR  (magnum)
* MySQL 4.1 double-SHA-1 [inefficient]  (Samuele)
* Netscape LDAP salted SHA-1 (SSHA) [inefficient]  (Samuele)
* NTLM [inefficient]  (Samuele)
* Raw MD5 [inefficient]  (Dhiru, Samuele)
* Raw SHA-1 [inefficient]  (Samuele)
* Raw SHA-512 [not working properly yet]  (myrice)
* Mac OS X 10.7 salted SHA-512 [not working properly yet]  (myrice)

Several of these require byte-addressable store (any NVIDIA card, but
only 5000 series or newer if AMD/ATI).  Also, OpenCL kernels for "slow"
hashes/non-hashes (e.g. RAR) may cause "ASIC hang" on certain AMD/ATI
cards with recent driver versions.  We'll try to address these issues in
a future version.

AMD XOP (Bulldozer) support added for:
* Many hashes based on MD4, MD5, SHA-1  (Solar)

Uses of SIMD (MMX assembly, SSE2/AVX/XOP intrinsics) added for:
* Mac OS X 10.4 - 10.6 salted SHA-1  (magnum)
* Invision Power Board 2.x salted MD5  (magnum)
* HTTP Digest access authentication MD5  (magnum)
* SAP CODVN B (BCODE) MD5  (magnum)
* SAP CODVN F/G (PASSCODE) SHA-1  (magnum)
* Oracle 11  (magnum)

Other optimizations:
* Reduced memory usage for raw-md4, raw-md5, raw-sha1, and nt2  (magnum)
* Prefer CommonCrypto over OpenSSL on Mac OS X 10.7  (Dhiru)
* New SSE2 intrinsics code for SHA-1  (JimF, magnum)
* Smarter use of SSE2 and SSSE3 intrinsics (the latter only if enabled in the
compiler at build time) to implement some bit rotates for MD5, SHA-1  (Solar)
* Assorted optimizations for raw SHA-1 and HMAC-MD5  (magnum)
* In RAR format, added inline storing of RAR data in JtR input file when the
original file is small enough  (magnum)
* Added use of the bitslice DES implementation for tripcodes  (Solar)
* Raw-MD5-unicode made "thick" again (that is, not building upon "dynamic"),
using much faster code  (magnum)
* Assorted performance tweaks in "salted-sha1" (SSHA)  (magnum)
* Added functions for larger hash tables to several formats  (magnum, Solar)

Other assorted enhancements:
* New option: --dupe-suppression (for wordlist mode)  (magnum)
* New option: --loopback[=FILE] (implies --dupe-suppression)  (magnum)
* New option: --max-run-time=N for graceful exit after N seconds  (magnum)
* New option: --log-stderr  (magnum)
* New option: --regenerate-lost-salts=N for cracking hashes where we do not
have the salt and essentially need to crack it as well  (JimF)
* New unlisted option: --list (for bash completion, GUI, etc.)  (magnum)
* --list=[encodings|opencl-devices]  (magnum)
* --list=cuda-devices  (Lukas)
* --list=format-details  (Frank)
* --list=subformats  (magnum)
* New unlisted option: --length=N for reducing maximum plaintext length of a
format, mostly for testing purposes  (magnum)
* Enhanced parameter syntax for --markov: may refer to a configuration file
section, may specify the start and/or end in percent of total  (Frank)
* Make incremental mode restore ETA figures  (JimF)
* In "dynamic", support NUL octets in constants  (JimF)
* In "salted-sha1" (SSHA), support any salt length  (magnum)
* Use comment and home directory fields from PWDUMP-style input  (magnum)
* Sort the format names list in "john" usage output alphabetically  (magnum)
* New john.conf options subsection "MPI"  (magnum)
* New john.conf config item CrackStatus under Options:Jumbo  (magnum)
* \xNN escape sequence to specify arbitrary characters in rules  (JimF)
* New rule command _N to reject a word unless it is of length N  (JimF)
* Extra wordlist rule sections: Extra, Single-Extra, Jumbo  (magnum)
* Enhanced "Double" external mode sample  (JimF)
* Source $JOHN/john.local.conf by default  (magnum)
* bash completion for JtR (to install: "sudo make bash-completion")  (Frank)
* benchmark-unify: a Perl script to unify benchmark output of different
versions of JtR for use with relbench  (Frank)
* Per-benchmark speed ratio output added to relbench  (Frank)
* New program: raw2dyna (helper to convert raw hashes to "dynamic")  (JimF)
* New program: pass_gen.pl (generates hashes from plaintexts)  (JimF, magnum)
* linux-*-native make targets (pass -march=native to gcc)  (magnum)
* Unlisted linux-*-clang-debug make targets with -faddress-sanitizer  (Dhiru)
* Many code changes made, many bugs fixed, many new bugs introduced  (all)
---

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.