Can a tool as this be as useful when there are rainbow tables out there
to utilize for this kind of cracking?
Amin Tora, CISSP,CHSP,CCSI
Senior Security Consultant
ePlus Technology Inc.
Mailstop #168
13595 Dulles Technology Drive
Herndon, VA 20171
Office: (703) 984-8007
Cell: (703) 675-0738
Fax: (703) 984-8607
web: http://www.eplus.com
Nasdaq: PLUS
-----Original Message-----
From: Solar Designer [mailto:solar@xxxxxxxxxxxx]
Sent: Wednesday, February 08, 2006 9:07 PM
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0
Hi,
This is to announce several related items at once. :-)

After 7+ years of development snapshots only (yes, I know, that was
wrong), John the Ripper 1.7 release is out:
http://www.openwall.com/john/

John the Ripper is a fast password cracker, currently available for many
flavors of Unix (11 are officially supported, not counting different
architectures), DOS, Win32, BeOS, and OpenVMS (the latter with a patch
or unofficial builds by Jean-loup Gailly). Its primary purpose is to
detect weak Unix passwords. Besides several crypt(3) password hash
types most commonly found on various Unix flavors, supported out of the
box are Kerberos/AFS and Windows NT/2000/XP LM hashes, plus many more
with contributed patches.

The changes made since the last development snapshot (1.6.40) are minor,
however the changes made since 1.6 are substantial:
http://www.openwall.com/john/doc/CHANGES.shtml

John the Ripper became a lot faster, primarily at DES-based hashes.
This is possible due to the use of better algorithms (bringing more
inherent parallelism of trying multiple candidate passwords down to
processor instruction level), better optimized code, and new hardware
capabilities (such as AltiVec available on PowerPC G4 and G5
processors).

In particular, John the Ripper 1.7 is a lot faster at Windows LM hashes
than version 1.6 used to be. John's "raw" performance at LM hashes is
now similar to or even slightly better than that of commercial Windows
password crackers such as LC5, -- and that's despite John trying
candidate passwords in a more sophisticated order based on statistical
information (resulting in typical passwords getting cracked earlier).

John 1.7 also improves on the use of MMX on x86 and starts to use
AltiVec on PowerPC processors when cracking DES-based hashes (that is,
both Unix crypt(3) and Windows LM hashes). To my knowledge, John
1.7 (or rather, one of the development snapshots leading to this
release) is the first program to cross the 1 million Unix crypts per
second boundary on a general-purpose CPU. John 1.7 achieves up to 1.6M
c/s raw performance (with no matching salts) on a PowerPC G5 at
2.7 GHz (or 1.1M c/s on a 1.8 GHz) and approaches 1M c/s on the fastest
x86 CPUs currently available.

Additionally, John 1.7 makes an attempt at generic vectorization support
for bitslice DES (would anyone try to set DES_BS_VECTOR high and compile
this on a real vector computer, with compiler vectorizations enabled?),
will do two MD5 hashes at a time on RISC architectures (with mixed
instructions, allowing more instructions to be issued each cycle), and
includes some Blowfish x86 assembly code optimizations for older x86
processors (Intel PPro through P3 and AMD K6) with no impact on newer
ones due to runtime CPU type detection.

Speaking of the actual features, John the Ripper 1.7 adds an event
logging framework (John will now log how it proceeds through stages of
each of its cracking modes - word mangling rules being tried, etc.),
better idle priority emulation with POSIX scheduling calls (once
enabled, this almost eliminates any impact John has on performance of
other applications on the system), system-wide installation support for
use by *BSD ports and Linux distributions, and support for AIX,
DU/Tru64 C2, and HP-UX tcb files in the "unshadow" utility.

Finally, there are plenty of added pre-configured make targets with
optimal settings, including for popular platforms such as Linux/x86-64,
Linux/PowerPC (including ppc64 and AltiVec), Mac OS X (PowerPC and x86),
Solaris/sparc64, OpenBSD on almost anything 32-bit and 64-bit, and more.

On a related note, pam_passwdqc and our tcb suite became mature enough
for their 1.0 releases.

pam_passwdqc is a simple password strength checking module for PAM-aware
password changing programs, such as passwd(1). In addition to checking
regular passwords, it offers support for passphrases and can provide
randomly generated ones. All features are optional and can be
(re-)configured without rebuilding.

pam_passwdqc works on Linux, FreeBSD 5+ (in fact, it's been integrated
into FreeBSD), Solaris, HP-UX 11+, and reportedly on recent versions of
IRIX. Additionally, Damien Miller has developed and contributed a
plugin password strength checker for OpenBSD based on pam_passwdqc.
This plugin is now linked from the contributed resources list on the
pam_passwdqc homepage:
http://www.openwall.com/passwdqc/

The tcb package contains core components of our tcb suite implementing
the alternative password shadowing scheme on Openwall GNU/*/Linux and
distributions by ALT Linux team. This allows core system utilities such
as passwd(1) to operate with little privilege, eliminating the need for
SUID to root programs. The tcb suite has been in production use for
some years and has proven to work well. Its homepage is:
http://www.openwall.com/tcb/

The tcb suite has been designed and implemented primarily by Rafal
Wojtczuk, with significant contributions from me and Dmitry V. Levin.

Finally, I've developed and placed into the public domain a portable PHP
password hashing framework. The intent is to allow PHP application
developers to use state of the art password hashing without learning the
arcane details of the PHP crypt() function. The homepage for this
framework is:
http://www.openwall.com/phpass/
Enjoy!
--
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments