The biggest new thing is integrated GPU support, both CUDA and OpenCL – although for a subset of the hash and non-hash types only, not for all that aresupported on CPU. The other biggest new thing is the addition of support for many more “non-hashes” and hashes. Just so you know, support for the now (in)famous Raw-SHA1-LinkedIn hashes has also been added!
“John the Ripper is a fast password cracker, currently available for many flavors of Unix,Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unixpasswords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes.”
Official change log for John the Ripper 1.7.9-jumbo-6:
New non-hashes:
Mac OS X keychains [OpenMP] (Dhiru) – based on research from extractkeychain.py by Matt Johnston
KeePass 1.x files [OpenMP] (Dhiru) – keepass2john is based on ideas from kppy by Karsten-Kai Koenig http://gitorious.org/kppy/kppy
Password Safe [OpenMP, CUDA, OpenCL] (Dhiru, Lukas)
ODF files [OpenMP] (Dhiru)
Office 2007/2010 documents [OpenMP] (Dhiru) – office2john is based on test-dump-msole.c by Jody Goldberg and OoXmlCrypto.cs by Lyquidity Solutions Limited
Mozilla Firefox, Thunderbird, SeaMonkey master passwords [OpenMP] (Dhiru) – based onFireMaster and FireMasterLinux http://code.google.com/p/rainbowsandpwnies/wiki/FiremasterLinux
RAR -p mode encrypted archives (magnum) – RAR -hp mode was supported previously, now both modes are
New challenge/responses, MACs:
WPA-PSK [OpenMP, CUDA, OpenCL] (Lukas, Solar) – CPU code is loosely based on Aircrack-ng http://www.aircrack-ng.org & http://openwall.info/wiki/john/WPA-PSK
VNC challenge/response authentication [OpenMP] (Dhiru) – based on VNCcrack by Jack Lloyd http://www.randombit.net/code/vnccrack/
SIP challenge/response authentication [OpenMP] (Dhiru) – based on SIPcrack by Martin J. Muench
HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512 (magnum)
New hashes:
IBM RACF [OpenMP] (Dhiru) – thanks to Nigel Pentland (author of CRACF) and Main Framed for providing algorithm details, sample code, sample RACF binary database, test vectors
sha512crypt (SHA-crypt) [OpenMP, CUDA, OpenCL] (magnum, Lukas, Claudio) – previouslysupported in 1.7.6+ only via “generic crypt(3)” interface
sha256crypt (SHA-crypt) [OpenMP, CUDA] (magnum, Lukas) – previously supported in 1.7.6+ only via “generic crypt(3)” interface
DragonFly BSD SHA-256 and SHA-512 based hashes [OpenMP] (magnum)
Django 1.4 [OpenMP] (Dhiru)
Drupal 7 $S$ phpass-like (based on SHA-512) [OpenMP] (magnum)
WoltLab Burning Board 3 [OpenMP] (Dhiru)
New EPiServer default (based on SHA-256) [OpenMP] (Dhiru)
GOST R 34.11-94 [OpenMP] (Dhiru, Sergey V, JimF)
MD4 support in “dynamic” hashes (user-configurable) (JimF) – previously, only MD5 and SHA-1 were supported in “dynamic”
Raw-SHA1-LinkedIn (raw SHA-1 with first 20 bits zeroed) (JimF)
Alternate implementations for previously supported hashes:
Faster raw SHA-1 (raw-sha1-ng, password length up to 15) (Tavis)
OpenMP support in new formats:
Mac OS X keychains (Dhiru)
KeePass 1.x files (Dhiru)
Password Safe (Lukas)
ODF files (Dhiru)
Office 2007/2010 documents (Dhiru)
Mozilla Firefox, Thunderbird, SeaMonkey master passwords (Dhiru)
WPA-PSK (Solar)
VNC challenge/response authentication (Dhiru)
SIP challenge/response authentication (Dhiru)
IBM RACF (Dhiru)
DragonFly BSD SHA-256 and SHA-512 based hashes (magnum)
Django 1.4 (Dhiru)
Drupal 7 $S$ phpass-like (based on SHA-512) (magnum)
WoltLab Burning Board 3 (Dhiru)
New EPiServer default (based on SHA-256) (Dhiru)
GOST R 34.11-94 (Dhiru, JimF)
OpenMP support for previously supported hashes that lacked it:
Mac OS X 10.4 – 10.6 salted SHA-1 (magnum)
DES-based tripcodes (Solar)
Invision Power Board 2.x salted MD5 (magnum)
HTTP Digest access authentication MD5 (magnum)
MySQL (old) (Solar)
CUDA support for:
phpass MD5-based “portable hashes” (Lukas)
md5crypt (FreeBSD-style MD5-based crypt(3) hashes) (Lukas)
sha512crypt (glibc 2.7+ SHA-crypt) (Lukas)
sha256crypt (glibc 2.7+ SHA-crypt) (Lukas)
Password Safe (Lukas)
WPA-PSK (Lukas)
Raw SHA-224, raw SHA-256 [inefficient] (Lukas)
MSCash (DCC) [not working reliably yet] (Lukas)
MSCash2 (DCC2) [not working reliably yet] (Lukas)
Raw SHA-512 [not working reliably yet] (myrice)
Mac OS X 10.7 salted SHA-512 [not working reliably yet] (myrice) – we have already identified the problem with the above two, and a post 1.7.9-jumbo-6 fix should be available shortly – please ask on john-users if interested in trying it out
OpenCL support for:
phpass MD5-based “portable hashes” (Lukas)
md5crypt (FreeBSD-style MD5-based crypt(3) hashes) (Lukas)
sha512crypt (glibc 2.7+ SHA-crypt) (Claudio) – suitable for NVIDIA cards, faster than the CUDA implementation above http://openwall.info/wiki/john/OpenCL-SHA-512
bcrypt (OpenBSD-style Blowfish-based crypt(3) hashes) (Sayantan) – pre-configured for AMD Radeon HD 7970, will likely fail on others unless WORK_GROUP_SIZE is adjusted in opencl_bf_std.h and opencl/bf_kernel.cl; the achieved level of performance is CPU-like (bcrypt is known to be somewhat GPU-unfriendly – a lot more than SHA-512) http://openwall.info/wiki/john/GPU/bcrypt
MSCash2 (DCC2) (Sayantan) – with optional and experimental multi-GPU support as a compile-time hack (even AMD+NVIDIA mix), by editing init() in opencl_mscash2_fmt.c
Password Safe (Lukas)
WPA-PSK (Lukas)
RAR (magnum)
MySQL 4.1 double-SHA-1 [inefficient] (Samuele)
Netscape LDAP salted SHA-1 (SSHA) [inefficient] (Samuele)
NTLM [inefficient] (Samuele)
Raw MD5 [inefficient] (Dhiru, Samuele)
Raw SHA-1 [inefficient] (Samuele)
Raw SHA-512 [not working properly yet] (myrice)
Mac OS X 10.7 salted SHA-512 [not working properly yet] (myrice) – we have already identified the problem with the above two, and a post 1.7.9-jumbo-6 fix should be available shortly – please ask on john-users if interested in trying it out
Several of these require byte-addressable store (any NVIDIA card, but only 5000 series or newer if AMD/ATI). Also, OpenCL kernels for “slow” hashes/non-hashes (e.g. RAR) may cause “ASIC hang” on certain AMD/ATI cards with recent driver versions. We’ll try to address these issues in a future version.
AMD XOP (Bulldozer) support added for:
Many hashes based on MD4, MD5, SHA-1 (Solar)
Uses of SIMD (MMX assembly, SSE2/AVX/XOP intrinsics) added for:
Mac OS X 10.4 – 10.6 salted SHA-1 (magnum)
Invision Power Board 2.x salted MD5 (magnum)
HTTP Digest access authentication MD5 (magnum)
SAP CODVN B (BCODE) MD5 (magnum)
SAP CODVN F/G (PASSCODE) SHA-1 (magnum)
Oracle 11 (magnum)
Other optimizations:
Reduced memory usage for raw-md4, raw-md5, raw-sha1, and nt2 (magnum)
Prefer CommonCrypto over OpenSSL on Mac OS X 10.7 (Dhiru)
New SSE2 intrinsics code for SHA-1 (JimF, magnum)
Smarter use of SSE2 and SSSE3 intrinsics (the latter only if enabled in the compiler at build time) to implement some bit rotates for MD5, SHA-1 (Solar)
Assorted optimizations for raw SHA-1 and HMAC-MD5 (magnum)
In RAR format, added inline storing of RAR data in JtR input file when the original file is small enough (magnum)
Added use of the bitslice DES implementation for tripcodes (Solar)
Raw-MD5-unicode made “thick” again (that is, not building upon “dynamic”), using much faster code (magnum)
Assorted performance tweaks in “salted-sha1″ (SSHA) (magnum)
Added functions for larger hash tables to several formats (magnum, Solar)
Other assorted enhancements:
linux-*-gpu (both CUDA and OpenCL at once), linux-*-cuda, linux-*-opencl, macosx-x86-64-opencl make targets (magnum et al.)
linux-*-native make targets (pass -march=native to gcc) (magnum)
New option: –dupe-suppression (for wordlist mode) (magnum)
New option: –loopback[=FILE] (implies –dupe-suppression) (magnum)
New option: –max-run-time=N for graceful exit after N seconds (magnum)
New option: –log-stderr (magnum)
New option: –regenerate-lost-salts=N for cracking hashes where we do not have the salt and essentially need to crack it as well (JimF)
New unlisted option:
–list (for bash completion, GUI, etc.) (magnum)
–list=[encodings|opencl-devices] (magnum)
–list=cuda-devices (Lukas)
–list=format-details (Frank)
–list=subformats (magnum)
New unlisted option: –length=N for reducing maximum plaintext length of a format, mostly for testing purposes (magnum)
Enhanced parameter syntax for –markov: may refer to a configuration file section, may specify the start and/or end in percent of total (Frank)
Make incremental mode restore ETA figures (JimF)
In “dynamic”, support NUL octets in constants (JimF)
In “salted-sha1″ (SSHA), support any salt length (magnum)
Use comment and home directory fields from PWDUMP-style input (magnum)
Sort the format names list in “john” usage output alphabetically (magnum)
New john.conf options subsection “MPI” (magnum)
New john.conf config item CrackStatus under Options:Jumbo (magnum)
xNN escape sequence to specify arbitrary characters in rules (JimF)
New rule command _N to reject a word unless it is of length N (JimF)
Extra wordlist rule sections: Extra, Single-Extra, Jumbo (magnum)
Enhanced “Double” external mode sample (JimF)
Source $JOHN/john.local.conf by default (magnum)
Many format and algorithm names have been changed for consistency (Solar)
When intrinsics are in use, the reported algorithm name now tells which ones (SSE2, AVX, or XOP) (Solar)
benchmark-unify: a Perl script to unify benchmark output of different versions of JtR for use with relbench (Frank)
Per-benchmark speed ratio output added to relbench (Frank)
bash completion for JtR (to install: “sudo make bash-completion”) (Frank)
New program: raw2dyna (helper to convert raw hashes to “dynamic”) (JimF)
New program: pass_gen.pl (generates hashes from plaintexts) (JimF, magnum)
Many code changes made, many bugs fixed, many new bugs introduced (all)
Download John the Ripper 1.7.9-jumbo-6:
John the Ripper 1.7.9-jumbo-6:
Unix – Sources: john-1.7.9-jumbo-6.tar.gz/john-1.7.9-jumbo-6.tar.bz2- http://www.openwall.com/john/
Windows Binaries: john179w2.zip – http://www.openwall.com/john/g/john179w2.zip
John the Ripper 1.7.9-jumbo-6:
Unix – Sources: john-1.7.9-jumbo-6.tar.gz/john-1.7.9-jumbo-6.tar.bz2- http://www.openwall.com/john/
Windows Binaries: john179w2.zip – http://www.openwall.com/john/g/john179w2.zip
0 comments:
Post a Comment