|
Message-ID: <20091226134228.GA1055@openwall.com> Date: Sat, 26 Dec 2009 16:42:28 +0300 From: Solar Designer <solar@...nwall.com> To: announce@...ts.openwall.com, john-users@...ts.openwall.com Subject: JtR 1.7.4 and jumbo patch update Hi, John the Ripper 1.7.4 is out, along with its corresponding jumbo patch update. This is a development version focusing on many improvements to the word mangling rules engine. http://www.openwall.com/john/ http://www.openwall.com/john/#contrib The changes since 1.7.3.4 are as follows: * Support for back-references and "parallel" ranges has been added to the word mangling rules preprocessor. * The notion of numeric variables (to be used for character positions and substring lengths along with numeric constants supported previously) has been introduced into the rules engine. Two pre-defined variables ("l" for initial or updated word's length and "m" for initial or memorized word's last character position) and 11 user-defined variables ("a" through "k") have been added. Additionally, there's a new numeric constant: "z" for "infinite" position or length. * New rule commands have been added: "A" (append, insert, or prefix with a string), "X" (extract a substring from memory and insert), "v" (subtract and assign to a numeric variable). * New rule reject flags have been added: ":" (no-op, for use along with the "parallel" ranges feature of the preprocessor) and "p" (reject unless word pair commands are allowed, for sharing of the same ruleset between "single crack" and wordlist modes). * Processing of word mangling rules has been made significantly faster in multiple ways (caching of the current length, less copying of data, code and data placement changes for better branch prediction and L1 cache usage, compiler-friendly use of local variables, code micro-optimizations, removal of no-op rule commands in an initial pass). * The default rulesets for "single crack" and wordlist modes have been revised to make use of the new features, for speed, to produce fewer duplicates, and to attempt additional kinds of candidate passwords (such as for years 2010 through 2019 with "year-based" rules). * The idle priority emulation code has been optimized for lower overhead when there appears to be no other demand for CPU time. * The default for the Idle setting has been changed from N to Y. Speaking of the jumbo patch, besides having been updated to the new version of JtR it includes only one change: a bug fix patch for mysql_fmt.c and mysql05_fmt.c by JimF. Please test and provide your feedback on the john-users mailing list. Specifically, you may want to benchmark 1.7.3.4 vs. 1.7.4 with their different john.conf files, as well as with 1.7.3.4's old john.conf file (which should be valid for 1.7.4 as well). That way, you'll separate the effect of code optimizations within JtR vs. that of changes to the rulesets and to the Idle setting. You may also benchmark JtR 1.7.4 with Idle=Y (the new default) vs. Idle=N. I am specifically interested in such benchmarks on systems other than Linux. I might need to reconsider the change of default for some or for all systems if it causes a significant slowdown on some systems without much other load. By "benchmarking", I refer to actual cracking runs (with the same initial john.pot contents), not just "john --test". The latter should be unaffected by the changes between 1.7.3.4 and 1.7.4. Enjoy, and please don't forget to provide your feedback! Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.