Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8F156B13FF6944658191371F8E0535EB@ath64dual>
Date: Fri, 28 Aug 2009 22:51:09 -0500
From: "JimF" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: Re: Thoughts and questions on creation of a 'generic' MD5 hash set format (to handle 'all' of them)

I have an 'early' implementation of this 'format'.  The signature of the 
format will be:

md5_gen(#)hhhhhhhhhh[$salt]

I will be 'reserving' md5_gen(0) to md5_gen(99) as 'official' john 
built-in's.  Then numbers from 100 and above are 'free' to be used as this 
get implemented to do 'parsing' of new formats.

Right now, I have some a few working 'built-ins'.  I have gotten these 
working (so far)

-----------------------------------
md_gen(0)   raw-md5.
-----------------------------------
Example file:
:md5_gen(0)064073c4d0e99bab8859e2fcc8be8cc2
:md5_gen(0)c71f4d38b705ace587af6e832382b5c2
:md5_gen(0)ee02441dfa07fec75e96042d1a479d4c

Hashing to 000666 000667 000668 respectively

-----------------------------------
md_gen(1)  vBulletin  md5(md5($p).$s)  (fixed 3 byte salt)
-----------------------------------
Example file:
:md_gen(1)4fa66f89927a8bba0d4b3f477ab4aa4d$(l1
:md_gen(1)5312a79a95622b7b325e88673a7271d7$:8,
:md_gen(1)1e0376e1a76aeffa81f1d7aa3e964fbf$:(!
:md_gen(1)bb1bc4530600b2402e9f954adf9ca637$>d~

Hashing to aaron123 welcome99 1tiger and vegetto respectively

NOTE the ':' within the salts on the 2nd and 3rd lines.  Even though I 
'show' a colon as the leading character of this file type, I have had to 
write code to force a different character to be used to separate fields (I 
simply do not show that in this example).

-----------------------------------
md_gen(2)  joomla  md5($p.$s)
-----------------------------------
Example file:
:md5_gen(2)c8f61cb8a3648319f12cf4dbf8e0a165$03xLGL6ps1HTtwde
:md5_gen(2)fc2536dea62d94979e1191ef065b08ab$041JUW9P1bWFWLsM
:md5_gen(2)771bbb21360e48ef6a463467dcabc608$049uv7gKFZxdioNDS66DpmF3I3vYRcph
:md5_gen(2)4b3dd8d77fe88e999ce5ffd76d175e61$07MYjRsnk1jAzqwy
:md5_gen(2)81e89a1e0a3412f88f3ee61a175a8fdc$1PgdI3G2Aph3xh5N52zTRdN3dgm0fwcl

The last one hases to villalba1


the program will 'auto' detect a md5_gen(#) signature, without having to be 
'told'.  It will take the first one that it finds in the file, and once it 
finds one, it will only accept more lines of that time.  I think there will 
have to be a command line option added, to force john to use a specific 
'generic' hash.

This code is still simply prototype code.  But I do hope to get something 
working to where I can release at a patch level shortly.  I will fill in 
about a dozen or so 'common' format.  I have the code split out into 4 files 
right now (one is empty, the parser, as it is still more in 'concept' 
stage).  The files are:

md5_gen_fmt.c   This is the main 'format' file. It also contains the 
'working primative' functions, and contains a few additional 'setup' 
functions.  There is also some configuation data that is setup, once we know 
which version of format we want.

md5_gen.h  This file lists the functions used between the processes.  It has 
the declaration of the working primative' functions, and data structures 
used to pass information back and forth.

md5_gen_preloads.c  This file contains one function: 
md5_gen_RESERVED_PRELOAD_SETUP and lots of arrays of data.  The function 
validates that the requested md5_gen(#) function is coded for, and calls 
some helper functions in md5_gen_fmt.c to set it up to properly process this 
format.  One of the items, is the 'array' of function pointers to the 
primatives. So for md5_gen(0) (the raw-md5), the function pointer array is 
simply:
MD5_GEN_primative_funcp _Funcs_0[] =
{
   MD5GenBaseFunc__clean_input,
   MD5GenBaseFunc__append_keys,
   MD5GenBaseFunc__crypt,
   NULL
};
which is pretty easy to see, simply resets the environment, loads the keys, 
and calls crypt.  Same as in the 'raw-md5' code.


Finally, md5_gen_parser.c.  This one 'will' be the parser.  I think we will 
have to allow the user to edit john.ini, to add entries to 'describe' the 
format.  Then the parser will read these ini entries, and call into 
md5_gen_fmt.c to setup the environment approprately.  It will then PARSE the 
format (which will be provided as a string from the .ini file).  Thus, if 
the format was md5(md5($s.md5($s.$p))) the parser would have to load these 
functions:
MD5_GEN_primative_funcp Func_ptrs[] =
{
   MD5GenBaseFunc__clean_input,
   MD5GenBaseFunc__append_salts,
   MD5GenBaseFunc__append_keys,
   MD5GenBaseFunc__crypt,
   MD5GenBaseFunc__clean_input,
   MD5GenBaseFunc__append_salts,
   MD5GenBaseFunc__output_2_input_base16,   // note, this should probaly be 
'renamed', as it 'appends' data.
   MD5GenBaseFunc__crypt,
   MD5GenBaseFunc__clean_input,
   MD5GenBaseFunc__output_2_input_base16,
   MD5GenBaseFunc__crypt,
   NULL
};

I am pretty sure that a very trivial recusive parser can be fabricated to 
convert these simple expressions (if in proper format), into well behaved 
code.

Jim. 


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.