Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <c5585d30a2eb12df6b20bebdf2e3ae6b@smtp.hushmail.com>
Date: Mon, 28 Sep 2015 22:59:23 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Kerberoast for John

On 28/09/15 11:50, Michael Kramer wrote:
> I wanted to share my work with the John Community. The work is based
> on the Kerberoast Python script from Tim Medin and I've ported it
> from there to C and then into John.

Cool, thanks!

> I've included the fmt_plug file for John, a testfile with 3
> testhashes the module is able to crack, and also part of the python
> script from Tim Medin to parse kirbi files into the format my John
> module uses.

You should include all three as test vectors. After doing so, you'll 
find that the format fails self-tests as written. It may crack that test 
file but it's flawed and will not always work.

> But I've encountered a strange bug and thought maybe one of you could
> help me.

There are many bugs ;-) I think you need to do the following, for a starter:

1. Change BINARY_SIZE to 0 and replace binary with fmt_default_binary. 
Have a look at some other format with a binary size of 0.
2. Change salt to a struct holding both the salt and what you are now 
putting in the binary (so this becomes a "salt-only" format, or a 
non-hash as we use to call them). Then of course change SALT_SIZE to 
sizeof that struct.
3. Adjust everything accordingly. Drop the binary_hash/get_hash 
functions (use fmt_default_* in the format struct).
4. Replace <openssl/rc4.h> with "rc4.h" (a local file in the tree)

BTW, I don't quite get what are you doing with saved_key in init()?

Also, you should rename src/kirbi_export.py to run/kirbi2john.py per our 
conventions.

Finally, please base your contributions upon latest tree in 
bleeding-jumbo branch of https://github.com/magnumripper/JohnTheRipper. 
You are using an older version of the formats interface (last release I 
presume). If you just fix the rest, I can take care of this.

Solar, the "Apache License" is fine, yes?

Thanks,
magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.