Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAL7A2DzVwXe4u034cUoCvnZpHoajjHEvGtKoxPzDhg7HnXUKMQ@mail.gmail.com>
Date: Thu, 21 Apr 2016 22:02:14 -0700
From: Danux <danuxx@...il.com>
To: john-users@...ts.openwall.com
Subject: MS Office XML

Hi, any plans to start supporting cracking of MS  Office Open XML Format?
(Docx, xlsx, pptx)
On Sep 10, 2015 4:28 AM, "Solar Designer" <solar@...nwall.com> wrote:

On Wed, Sep 09, 2015 at 09:21:51PM -0500, nyxgeek wrote:
> I've searched far and wide to determine the creation date of John the
Ripper, but have so far been unsuccessful.

John the Ripper 1.0 was released in 1996 as a drop-in replacement for
Cracker Jack under DOS.  It was built with DJGPP, requiring 386+ and
optimized for the original Pentium and to a lesser extent for 486.
(Initially, I called it Cracker John, but a friend suggested the name
John the Ripper.)  This also explains the john.pot filename - obviously,
it was jack.pot in Cracker Jack.  The functionality of John the Ripper
1.0 was comparable to Cracker Jack's, but extended in a number of ways:
there were wordlist rules compatible with Crack's, and the "single
crack" mode (name originating from Cracker Jack) was entirely
re-designed (IIRC, in Cracker Jack using this mode involved running a
separate program before starting the main cracker program).  There was
incremental mode (using frequency-sorted lists of characters), which
wasn't present in Cracker Jack at all (nor in any other cracker
available at the time that I know of).  Cracker Jack appeared
unmaintained since 1993 by that time, lacking optimizations for x86 CPUs
newer than 386 - it ran very well on 386 (in many cases faster than John
the Ripper, in fact), but poorly on 486 and especially on the original
Pentium.  John the Ripper 1.0 solved that, and more.  Cracker Jack was
closed source, and no code from it was reused.

Although John the Ripper 1.0 was released for DOS only, its source code
was mostly portable.  In fact, I had tried out prototypes for its
incremental mode in 1995 on Unix-like systems only.  The choice to
release for DOS first was based primarily on Cracker Jack needing
replacement.

Curiously, Roman Rusakov who contributed the optimized DES S-box
expressions in 2011 had also helped me optimize DES assembly code for
the original Pentium back in 1996.  IIRC, I first learned of the
original Pentium's cache bank conflicts and how to avoid them from him.
It's due to his advice that early John the Ripper went from below 8k c/s
to above 10k c/s at descrypt on Pentium 120 MHz.  IIRC, Cracker Jack and
Crack ran at around 3k c/s (with Crack being moderately faster for it
lacking optimizations specific to 386 motherboards' typical cache size).
John the Ripper's non-bitslice descrypt code loosely built upon Crack's
(the x86 asm was brand new, but implementing the same approach as
Crack's, except for Roman's better key setup algorithm).

John the Ripper became open source in 1997, supporting builds for DOS
and some Unix-like systems (including 64-bit optimizations for Alpha,
but not bitslicing yet).  The original codebase was used for up to
version 1.4.  I mostly re-wrote it in 1998 for version 1.5 (and added
bitslicing based on then-new paper by Eli Biham), which is still the
basis of the current versions - e.g., that's where the formats API
originated, and it was only extended since then.

> The change logs on openwall.com seem to only go back to 2002.

2002 is when I imported the code into a CVS repository, for further
maintenance as part of Owl.

> I used Google's Ngram viewer to search and it seems likely that it was
created in 1993 or so?

No, John the Ripper appeared in 1996, with prototypes for incremental
mode dating back to 1995 (but there was no John the Ripper name then).

> I did find a mention in a site dated from 1996 that says "John the Ripper
is a relatively new UNIX password cracker..."

That's right.

> I figure that if anybody knows it would be someone on this list.

Sure, and some other folks would know as well.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.