--- john-1.7.2.orig/debian/john.lintian-overrides +++ john-1.7.2/debian/john.lintian-overrides @@ -0,0 +1,2 @@ +# the code depending on openssl is Public Domain +john: possible-gpl-code-linked-with-openssl --- john-1.7.2.orig/debian/postrm +++ john-1.7.2/debian/postrm @@ -0,0 +1,61 @@ +#!/bin/sh +set -e + +# Revert relocation of a conffile from one location to another. +# The forward path is preinst install|upgrade. +# $1 is the original pathname of the conffile, +# $2 is the pathname of the current conffile. +unmv_conffile () +{ + if [ -e "$1" ] ; then + echo "Not reverting conffile relocation to $2;" + echo "original pathname $1 exists." + elif [ -e "$1.moved_by_preinst" ] ; then + echo "Reverting removal of unmodified conffile:" + echo -n " " + mv -v "$1.moved_by_preinst" "$1" + elif [ -e "$2" ] ; then + echo "Reverting relocation of modified conffile to original location:" + echo -n " " + mv -fv $2 $1 + fi >&2 +} + +case $1 in +disappear|remove) + # These are the restore and cracked-password file used by the + # cronjob for attacking the system password file for a short + # period each day: + d=/var/lib/john + rm -f $d/restore $d/john.pot + d=/var/run/john +# FIXME: this is configurable... + rm -f $d/john.pid $d/cronpasswd.* + ;; + +abort-install|abort-upgrade) + # Revert relocation of conffiles: + p1=/etc + p2=/etc/john + if dpkg --compare-versions "$2" le-nl 1.6-27; then + unmv_conffile $p1/john.ini $p2/john.conf + unmv_conffile $p1/john-mail.conf $p2/john-mail.conf + unmv_conffile $p1/john-mail.msg $p2/john-mail.msg + + # "Display the warning, but don't fail if nonempty": + rmdir $p2 || rmdir --ignore-fail-on-non-empty $p2 + fi + ;; + +purge|upgrade|failed-upgrade) + # These cases need no actions here + : + ;; + +*) + echo "$0: undocumented call: $@" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/compat +++ john-1.7.2/debian/compat @@ -0,0 +1 @@ +5 --- john-1.7.2.orig/debian/control +++ john-1.7.2/debian/control @@ -0,0 +1,41 @@ +Source: john +Section: admin +Priority: optional +Maintainer: John Packaging Team +Uploaders: David Paleino , Gerfried Fuchs +Standards-Version: 3.7.3 +Build-Depends: debhelper (>= 5), quilt, libssl-dev +Homepage: http://www.openwall.com/john/ +Vcs-Svn: svn://svn.debian.org/svn/collab-maint/deb-maint/john/trunk/ +Vcs-Browser: http://svn.debian.org/wsvn/collab-maint/deb-maint/john/trunk/?rev=0&sc=0 + +Package: john +Architecture: any +Depends: ${shlibs:Depends}, john-data (= ${source:Version}) +Suggests: wenglish | wordlist +Description: active password cracking tool + john, mostly known as John the Ripper, is a tool designed to help systems + administrators to find weak (easy to guess or crack through brute force) + passwords, and even automatically mail users warning them about it, if it + is desired. + . + It can also be used with different cyphertext formats, including Unix's + DES and MD5, Kerberos AFS passwords, Windows' LM hashes, BSDI's extended DES, + and OpenBSD's Blowfish. + +Package: john-data +Architecture: all +Enhances: john +Conflicts: john (<= 1.7.2-1) +Description: active password cracking tool - character sets + john, mostly known as John the Ripper, is a tool designed to help systems + administrators to find weak (easy to guess or crack through brute force) + passwords, and even automatically mail users warning them about it, if it + is desired. + . + It can also be used with different cyphertext formats, including Unix's + DES and MD5, Kerberos AFS passwords, Windows' LM hashes, BSDI's extended DES, + and OpenBSD's Blowfish. + . + This package contains architecture-independent character sets usable by + john. --- john-1.7.2.orig/debian/changelog +++ john-1.7.2/debian/changelog @@ -0,0 +1,676 @@ +john (1.7.2-3~bpo40+1) etch-backports; urgency=low + + * Rebuild for etch-backports. + * Lowered debhelper dependency to 5 again, remove dh_lintian call from + debian/rules. + + -- Gerfried Fuchs Tue, 03 Jun 2008 11:58:20 +0200 + +john (1.7.2-3) unstable; urgency=low + + * Merged debian/changelog from old experimental version (1.7-1 and + 1.7-2). + * debian/patches/: + - 06-fix_paths.patch updated (Closes: #484109). + - 07-update_FAQ.patch added: point users to README.wordlists. + - added support for Microsoft Windows NT/2000/XP/2003 NTLM (MD4) hash + (patch by Alain Espinosa ) + - added support for Windows 2000/XP/2003 credentials cache hash (patch + by Alain Espinosa ) + - added support for LM/NTLMv1 challenge/response (ported from 1.7.0.2) + (patch by by JoMo-Kun ) + * debian/control: + - set "John Packaging Team" as the Maintainer + - moved myself to Uploaders + - debhelper dependency bumped to >= 6.0.7~ (dh_lintian) + - added Build-Depends on libssl-dev + * debian/man/john.8 fixed (Closes: #482886) + * debian/rules updated: + - binary-common target added, binary-{arch,indep} depending on it + (Closes: #477450) + - conditionally unset OPT_NORMAL (i.e. remove -funroll-loops) on arm + machines + * debian/compat bumped to 6 + * debian/copyright updated: + - included files created by patches + + -- David Paleino Mon, 02 Jun 2008 17:21:00 +0200 + +john (1.7.2-2) unstable; urgency=low + + * Fixing undeclared conflict between john-data and previous versions + of john (Closes: #477974) + + -- David Paleino Sat, 26 Apr 2008 09:48:09 +0200 + +john (1.7.2-1) unstable; urgency=low + + * Package adopted (Closes: #461992) + * New upstream release (Closes: #385858, #353151, #353108, #127920) + * debian/control: + - added Vcs-* fields + - updated Maintainer field + - dropped dependency on dpkg + - updated dependency on debhelper (>= 5) + - added dependency on quilt + - added an Arch: all package -- john-data + * debian/watch added + * debian/preinst - now invokes dpkg-query + * debian/man/john.8 - fixed errors from man + * debian/rules: + - refactored to use debhelper + - refactored to use quilt + * debian/README removed (no more applicable): + - also fixes dead symlink error (Closes: #354634, #372154) + * debian/john-data.install added: + - also includes alnum.chr in /usr/share/john/ (Closes: #385856) + * debian/patches/: + - bashisms.diff removed -- patching a debian/ file, no need to make a + separate patch. + - faq.diff removed -- the same info that the patch adds can be found in + README.wordlists. + - system-wide.diff removed -- john 1.7.* supports system-wide installation + via a compiler flag. + - all other old patches have been kept (but not applied at build-time) for + future reference. + * debian/copyright updated. + * debian/compat updated. + + -- David Paleino Fri, 18 Apr 2008 17:24:58 +0200 + +john (1.6-40.4) unstable; urgency=medium + + * Non-maintainer upload. + * Add 'bashisms.diff' to fix bashisms in /usr/sbin/mailer script + (Closes: #468685) + * debian/control: + - Bump Standards-Version to 3.7.3. + - Use Homepage: field for upstream URL. + + -- Chris Lamb Sat, 12 Apr 2008 04:40:32 +0100 + +john (1.6-40.3) unstable; urgency=low + + * Non-maintainer upload. + * Fixed build failure on !(i386 || alpha). Revert to the state of version + 1.6-40.1, and used Ubuntu's sysconf-based patch instead of Thiemo's + CLOCKS_PER_SEC patch. Closes: #460697. + * Add debian/patches/mips.diff: patch from Thiemo Seufer to fix FTBFS on + mips and mipsel. Closes: #415738. + + -- Lucas Nussbaum Mon, 14 Jan 2008 20:00:36 +0100 + +john (1.6-40.2) unstable; urgency=low + + * Non-maintainer upload. + * Applied patch from Thiemo Seufer to replace CLK_TCK by CLOCKS_PER_SEC. + Fixes FTBFS (Closes: #420980). + + -- Lucas Nussbaum Sat, 12 Jan 2008 22:11:08 +0100 + +john (1.6-40.1) unstable; urgency=high + + * Non-maintainer upload. + * High-urgency for RC bugfix. + * The following bug fixes are mostly cherry-picked from an omnibus patch + by Justin Pryzby : + * Complete rewrite of maintainer scripts to neither remove nor edit + conffiles (Closes: #375850) + - the debconf settings are not necessary for package operation, + so just don't use debconf, and remove debconf-related files from + debian directory (incidentally closes: #412797) + - preserves settings in preinst, rather than moving conffiles to + foo.old + - do the conffile relocation in preinst (not postinst, which + inhibits dpkg diffs when they should be displayed) + - the cronjob in /etc/cron.d does nothing if the executable isn't + +x, so doesn't need to be commented out on uninstallation + - minor edits to debian/README to reflect these changes + * Set /var/run/john to mode 0700 in postinst configure unless a + dpkg-statoverride exists (Closes: #403855) + * On uninstallation, remove restore file from /var/lib, not /usr/share; + and do so in postrm remove, not prerm remove. On upgrade, if restore + file exists in /usr/share but not in /var/lib, move it in postinst. + + -- Kevin B. McCarty Wed, 14 Mar 2007 17:06:16 -0400 + +john (1.6-40) unstable; urgency=low + + * debian/control: updated my e-mail address. + + * debian/preinst, debian/postinst, debian/postrm: + - reorganized the code + - added debhelper token + * debian/postrm: + - changed interpreter to /bin/sh + * debian/prerm: + - always remove temporary file. (Closes: #350423) + + -- Guilherme de S. Pastore Tue, 18 Apr 2006 23:40:20 -0300 + +john (1.7-2) experimental; urgency=low + + * Patches changes: + - Drop the am64 patch (the AMD 64 bugs are fixed upstream and the patch + introduced new bugs) + - Drop the makefile patch (test code, should have been removed a long + time ago) + Neither are needed for these release any more + * Build changes: + - Use the MMX for i386 and amd64 and let john use the runtime fallback + if MMX is not present + - Introduce a build-john-stamp target in debian/rules to prevent cdbs from running the + build/john target twice (lead to FTBFS) + * Documentation changeS: + - Add doc/CONTACT to the documentation under debian/docs + - Added a debian/TODO + - Ofuscate the email addresses in the Debian manpages as + requested by Solar Designer + - Review the manpage and add double dashes to all options and equal + signs (GNU-style syntax). It still needs to be reviewed to adapt + it to 1.7... + + -- Javier Fernandez-Sanguino Pen~a Mon, 20 Feb 2006 18:10:28 +0100 + +john (1.7-1) experimental; urgency=low + + * New upstream release (Closes: #353151) + * Fix debian/copyright with information from doc/LICENSE, the + debian/copyright file said it was GPLv2 or later and the LICENSE + does not. Include other information from that file missing. + * Modify debian/patches/faq.diff since the fix is already applied + upstream + * Modify debian/patches/makefile.diff since the fix is carried upstesam + * Adjust debian/patches/systemwide.diff so that it uses the new SYSTEM_WIDE + definition + * Disable the MMX target for i386 (it does not work for the moment) and + use a single generic binary as with other architectures + * Create a link for /usr/share/john/john.conf that points to + /etc/john/john.conf (even though we have a systemwide configuration + pointing there, just in case) + + -- Javier Fernandez-Sanguino Pen~a Thu, 16 Feb 2006 14:53:36 +0100 + +john (1.6-39) unstable; urgency=low + + * debian/man/john.8: + - escape the apostrophe at the beginning of like 139. + * debian/extra/mailer: + - fixed configuration file parser in order to, among other things, + appropriately ignore comments (Closes: #340902) + + -- Guilherme de S. Pastore Thu, 29 Dec 2005 10:21:25 -0200 + +john (1.6-38) unstable; urgency=low + + * debian/control: + - update to Standards-Version 3.6.2.1 with no changes + * debian/patches: + - faq.diff, makefile.diff, system-wide.diff: transformed changes made to + the source tree directly and stored in the .diff.gz file into patches, + so it's possible to maintain the package in an SVN repository + * debian/postinst: + - modify indentation + - remove $tmp if $cronfile doesn't exist (Closes: #332488) + * Updated Swedish debconf templates translation; thanks to + Daniel Nylander (Closes: #334883) + + -- Guilherme de S. Pastore Fri, 11 Nov 2005 22:39:25 -0200 + +john (1.6-37) unstable; urgency=medium + + * debian/control: + - updated maintainer's e-mail address + * debian/config, debian/postrm, debian/preinst: + - Removed bashisms + * debian/man/john.8: + - fixed typo, thanks to A Costa (Closes: #325683) + * debian/extra/john: + - remove the /proc existence check, which will make the script + simply fall back to john-any if MMX can't be checked for + * debian/copyright: + - cosmetic fixes + - updated FSF's address + + -- Guilherme de S. Pastore Fri, 12 Aug 2005 17:36:04 -0300 + +john (1.6-36) unstable; urgency=medium + + * debian/control: + - added debconf-2.0 as alternative to debconf dependency + * debian/extra/john: + - run john-{any,mmx} with the same we've been given, so it + works with unshadow and friends (Closes: #322442) + * debian/rules: + - install john.conf with the right permissions + - append to binary-install/john instead of binary-post-install/john + + -- Guilherme de S. Pastore Thu, 4 Aug 2005 14:11:07 -0300 + +john (1.6-35) unstable; urgency=low + + * Moved john-any and john-mmx to /usr/lib/john on i386, as the user + is not supposed (and won't be able) to run them directly + * Fix stupid usage of debian/john.install that broke a couple of things + in -34 (not uploaded to Debian, at least) + * debian/extra/john-mail.conf: + - Make it clear(er) that one shouldn't put the path to the system + password file in the passfile directive (Closes: #296766) + + -- Guilherme de S. Pastore Sat, 30 Jul 2005 12:20:02 -0300 + +john (1.6-34) unstable; urgency=low + + * debian/control: + - Rewrote both short and long description + - Updated Standards-Version to 3.6.2 with no changes + - Christian Kurz is really MIA, as he stated he would be. Removed + him from Uploaders. Thanks for the great work! + * debian/docs: + - Move installation of doc/NEWS to john.install, so we don't have to + manually rename it in debian/rules + * debian/examples: + - Removed run/john.ini from the list, it's the configuration file + * debian/po: + - de.po, es.po: unfuzzied header + - pt_BR.po: converted from ISO-8859-1 to UTF-8 + - vi.po: added Vietnamese translation from Clytie Siddall (Closes: #314258) + * debian/rules: + - General cleanups + - Don't strip files manually: dh_strip handles this + - Moved manpages installation to debian/john.manpages + - Don't include cdbs's buildcore.mk: it's included by debhelper.mk + - Properly use dpkg-architecture instead of dpkg --print-architecture + - Added /var/run/john to DEB_FIXPERMS_EXCLUDE: the location needs to + be safe from normal user reading + - Symlinks are now handled within debian/john.links, and always point + to /usr/sbin/john, as the script should handle non-MMX machines + * debian/README.wordlists: + - Rewritten from scratch for better language + - Removed references to non-free costly word lists + + -- Guilherme de S. Pastore Mon, 18 Jul 2005 13:27:24 -0300 + +john (1.6-33) unstable; urgency=medium + + * Fixed cronjob so that it doesn't send empty e-mails when no + password is cracked (Closes: #272065) + * Debconf templates: + - Updated Czech translation from Miroslav Kure (Closes: #273839) + - Updated Brazilian Portuguese translation from Tiago Vaz (Closes: #272432) + + -- Guilherme de S. Pastore Fri, 19 Nov 2004 21:09:15 -0200 + +john (1.6-32) unstable; urgency=medium + + * Fix "errors" displayed to user during purge (Closes: #268938) + * Debconf templates: + - Added Turkish translation from Recai Oktas (Closes: #269518) + - Updated Japanese translation from Hideki Yamane (Closes: #269530) + - Updated Dutch translation from Frans Pop (Closes: #269825) + - Updated German translation from Florian Ernst (Closes: #271299) + - Updated French translation from Frédéric Zulian (Closes: 271433, 271440) + [ Javier Fernandez-Sanguino ] + * The cronjob will now echo the output of the mailer script so that + root gets a mail about easy passwords like it previously did + + -- Guilherme de S. Pastore Sun, 12 Sep 2004 19:43:23 -0300 + +john (1.6-31) unstable; urgency=low + + * Added versioned dependency on dpkg >= 1.10.16, to have correct version + of start-stop-daemon and not wipe out system's /etc/shadow + (Closes: #266737) + + -- Guilherme de S. Pastore Wed, 18 Aug 2004 22:56:17 -0300 + +john (1.6-30) unstable; urgency=low + + * Rewrote debconf templates (Closes: #259299) + - Added Danish translation from Claus Hindsgaul + - Added Russian translation from Yuri Kozlov + * Fixed handling of warning of "No configuration file" when upgrading + from a version that used the old path, /etc/john.ini (Closes: #259320) + [ Javier Fernandez-Sanguino ] + * Updated Spanish translation of debconf templates + - Revision by Rudy Godoy + * debian/extra/cronjob: + - Remove all comments before grepping and only use the first definition. + Supposedly closes: #262316 + + -- Guilherme de S. Pastore Wed, 14 Jul 2004 06:31:47 -0300 + +john (1.6-29) unstable; urgency=high + + * debian/extra/cronjob: + - Installed again with execution permitions (+x) (Closes: #259084) + * Fixes related to configuration files move from /etc to /etc/john: + - debian/man/john.8 + - debian/extra/mailer (Closes: #259085) + - Debconf template and pt_BR translation + [ Javier Fernandez-Sanguino ] + * Minor typo fixes in the templates as suggested by Nicolas François in + #259191 + * Unfuzzied spanish translations after revision. + * Added missing entries of previous version to the changelog + * Remove files under /var/run/john and /etc/john on purge + + -- Guilherme de S. Pastore Mon, 12 Jul 2004 21:03:47 -0300 + +john (1.6-28) unstable; urgency=medium + + * Ported debian/rules to use CDBS + - Removed debian/conffiles, debhelper handles this + - Uses debian/dirs and others instead of polluting debian/rules + - Made cleanups and removed things that remained there from older + releases, such as unnecessary directories + * Bumped Standards-Version to 3.6.1.1 + * Moved manpages to section 8 (Closes: #252206) + - Fixed problems (Closes: #252506) + * Re-added sparc support with generic target (Closes: #220928) + * Added real alternative to suggestion on wordlist + * Removed lintian/linda overrides, don't need them anymore + * Moved configuration files to /etc/john/ (Closes: #141741, #229597) + * Only check for configuration file in config if it's an upgrade + (Closes: #251227, #253194) + * Added patch from Goswin von Brederlow to avoid segfaults when + casting signed char to unsigned int on amd64 (Closes: #251095) + * Added clarification to the manpage about having to run john with + -show from the same directory where the password was cracked, so + that it works (Closes: #228750) + [ Javier Fernandez-Sanguino ] + * Build on all architectures Debian supports, using the 'generic' + target for the ones not supported by john (Closes: #138689, #224883) + * Major rewrite of the cronjob which will now work as follows: + - Mailer uses the latest password file to avoid mailing users warning + about passwords if they have changed it (Closes: #251172) + - Stale files are now removed under some circunstances (so /var/run/john + does not fill up with cronpasswd files) + - John is started/stopped using start-stop-daemon which makes it + write the pid file properly (unlike previously). Also, + the start-stop-daemon usage makes it possible to run john as a + non-root user (if everything is 'chowned' to him). + - This new cronjob will now restore interrupted sessions correctly + (and uses the john.rec files) (Closes: #213164) + + -- Guilherme de S. Pastore Thu, 27 May 2004 18:14:28 -0300 + +john (1.6-27) unstable; urgency=low + + * New maintainer + * Bumped Standards-Version to 3.6.1.0 + * Removed Origin: field from debian/control + * Corrected typo on debian/man/mailer.1 (Closes: #249574) + * Added Czech translation provided by Miroslav Kure (Closes: #244363) + * Dropped Sparc support so that bug fixes can progress into testing. + This will remain until there is a proper fix for this issue. + [ Javier Fernandez-Sanguino ] + * Updated debian/po/fr.po with patch provided by Christian Perrier (merged + manually the changes since they are not using the latest version) + (Closes #229624) + * Updated the Spanish translation (debian/po/es.po) + * Added the ldap-extract script provided by Klaus Ethgen to the examples + (Closes: #226980) + * Nice John's cron job per default (nobody rejected this and seems + a reasonable request since john should be able to recover nicely) + (Closes: #228799) + * Fixed PID loop in the cronjob (Closes: #227323) + [ Christian Kurz] + * Updated debian/po/pt_BR.po with patch provided by Andre Luis Lopes + (Closes: #228122) + * Updated debian/po/ja.po with a patch provided by Hideki Yamane + (Closes: #235647) + * Updated debian/po/de.po with a patch provided by Florian Ernst + (Closes: #244524) + + -- Guilherme de S. Pastore Mon, 17 May 2004 22:39:21 -0300 + +john (1.6-26) unstable; urgency=medium + + * The "I should not forget to dupload stuff" Release. + [ Javier Fernandez-Sanguino ] + * Created a new template, and modified the config so it checks + whether john.ini exists or not (Closes: #226897) + * The default john.ini file is now included as an example (so the user can + use it for restoration of the config file) + * Added a proper charset to the de.po file. + * Updated the spanish po file. + [ Christian Kurz ] + * Updated debian/po/fr.po with patch provided by Christian Perrier (Closes: #227024) + + -- Javier Fernandez-Sanguino Pen~a Mon, 12 Jan 2004 20:29:35 +0100 + +john (1.6-25) unstable; urgency=low + + * The "I still have to submit the code to alioth... Merry Xmas!" Release + * Added debconf loading to prerm script, thanks to Bastian Kleineidam + (Closes: #224160) + * Removed debbugs call in debian/control (Closes: #220069) + * Added japanese translation provided by Hideki Yamane (Closes: #224182) + * Removed lintian/override creation from debian/rules (Closes: #223374) + + -- Javier Fernandez-Sanguino Pen~a Fri, 26 Dec 2003 14:22:11 +0100 + +john (1.6-24) unstable; urgency=low + + * When upgrading, do not ask to enable the cronjob if the user has + not chosen to replace it. + + -- Javier Fernandez-Sanguino Pen~a Mon, 17 Nov 2003 01:05:47 +0100 + +john (1.6-23) unstable; urgency=low + + * Fixed the cronjob in order to avoid mails with just + "Usage: /usr/sbin/mailer PASSWORD-FILE" since it seems that under + some circumstances the restoration of jobs does not work properly. + Also added usage line. + * Modified prerm script in order to deinstall the cronjob if the + user is removing the package and has enabled the cronjob (Closes: #220845) + * Also modified the cron.d file to only run the cronjob if the file + exists and is executable. + + -- Javier Fernandez-Sanguino Pen~a Fri, 14 Nov 2003 01:34:22 +0100 + +john (1.6-22) unstable; urgency=low + + * Really fixed src/Makefile (I should have noticed that sparc.h was + not being created) since it still fails to build in sparc. + + -- Javier Fernandez-Sanguino Pen~a Wed, 12 Nov 2003 17:36:35 +0100 + +john (1.6-21) unstable; urgency=low + + * Modified src/Makefile in an attempt to fix the sparc build (broken since + 1.6-19) + + -- Javier Fernandez-Sanguino Pen~a Wed, 12 Nov 2003 11:15:04 +0100 + +john (1.6-20) unstable; urgency=low + + * New co-maintainer (myself) in an attempt to offload Christian + of some of work in this package. + * Fixed typos in debian/rules (Closes: #220013, #213154) + * Included some more information in the description as well as the + upstream location (Closes: #220008) + * Added template in order to allow for configuration of wordlists + by the user, as well as a README.wordlist document + (Closes: #159488, #123837, #220015) + * Recovered configuration note regarding cron jobs so john will now + properly enable/disable it if asked to (Closes: #220021) + * Included Spanish debconf translation (Closes: #220011) + * Recovered German translation of the cronjob and added a de.po file. + * Added Dutch debconf translation provided by Philippe Faes + (Closes: #211349) + * Added French debconf translation provided by Frederic Zulian + (Closes: #211540) + * Added author's name and updated email address in copyright. + * Creation of /var/run/john/ in order to use this location + for the temporary file in john-mail.conf (this is mode 0700 so that + even if the passwords are stored there the impact is reduced) + + -- Javier Fernandez-Sanguino Pen~a Mon, 10 Nov 2003 22:01:00 +0100 + +john (1.6-19) unstable; urgency=low + + * This release wouldn't have been possible without the help from Jeronimo + Pellegrini and Gergely Nagy. Both were a great help for me and so it's + only fair to credit them here and say a big "THANK YOU"! + * john will create now the files john.pot, john.ini and restore in the + directory where it was started from. + * Changed the unshadow.1 manpage as suggested by Colin Watson. This means + that one occurance of .br was replaced by .PP and an newline was added. + This will address the issue of the slightly broken unshadow manpage, + that has been reported as bug #142848. + * The manpage john.1 won't mention the non-existing john-ini.5 anymore. This + is going to fix the bug #122438. + * Integrated two patches from Jeronimo Pellegrini that are going to improve + the cronjob. Also thanks to Gergely Nagy for his help with devising and + developing the patches. This should address bug #162991. + * Also the whole setup and behaviour of the cronjob has been modified. This + should also fix the bug #118012 since the code has been changed. + * Updated the URL pointer in the FAQ. This should fix the bug report + #159580. + * Changed the wrong comment in the file /etc/john-mail.conf. This will fix + the bug #162599. + * Fixed the location of password.lst and the location of the files for the + incremental mode in /etc/john.ini. This will fix the bugreport #79831. + * Reworked support for translation of debconf messages. Now this package is + using po-debconf for this purpose. + + -- Christian Kurz Wed, 11 Dec 2002 22:17:09 +0100 + +john (1.6-18) unstable; urgency=low + + * Applied a patch from Jeronimo Pellegrini to remove the reference + to the unexisting john.ini(5) manpage. (Closes: #122438) + * Applied a fix from Ben Okopnik to the unshadow manpage. + (Closes: #142848) + + -- Christian Kurz Sun, 14 Apr 2002 23:33:09 +0200 + +john (1.6-17) unstable; urgency=low + + * Rewording of comments in config file. (Closes: #115556) + (Thanks to Martin F Krafft) + * Included hack to remove cronjob if needed. (Closes: #114835,#117034) + + -- Christian Kurz Sun, 14 Oct 2001 20:14:42 +0200 + +john (1.6-16) unstable; urgency=low + + * Integrated patch from Damyan Ivanov to fix unquoted sed + expressions. (Closes: #113557) + + -- Christian Kurz Wed, 26 Sep 2001 12:57:53 +0200 + +john (1.6-15) unstable; urgency=low + + * Fixed typo in debconf templates. (Closes: #112058,#113166) + * Should fix another problem with the lock-file. (Closes: #113332) + + -- Christian Kurz Wed, 12 Sep 2001 16:08:30 +0200 + +john (1.6-14) unstable; urgency=low + + * Added german debconf translation from Sebastian Feltel. + (Closes: #109980) + * Fixed two typos in the john.1 manpage, noted by Stephen Frost. + * Applied patch from Daniel Kobras to fix two oversights in the + cronjob script. (Closes: #110272) + * Applied patch from Jeronimo Pellegrini to fix some small problems + in the scripts. (Closes: #110957) + + -- Christian Kurz Sat, 25 Aug 2001 09:09:18 +0200 + +john (1.6-13) unstable; urgency=low + + * We'll gzip the example file, which is about 12k. But the other files + which are just 2-6k will be stay uncompressed, until some very good + reasons are presented to convince me. (Closes: #96650) + * Integration of Patch from Jeronimo Pellegrini to support the + installation and deinstallation of a cronjob. (Closes: #101970) + + -- Christian Kurz Thu, 12 Jul 2001 22:55:09 +0200 + +john (1.6-12) unstable; urgency=low + + * Now we finally added manpages for john which have been written by + Jordi Mallach and Jeronimo Pellegrini. (Closes: #62498) + * Applied a patch from Jeronimo Pellegrini to make the mailer script + more configurable. (Closes: #101968) + + -- Christian Kurz Sun, 20 May 2001 10:18:56 +0200 + +john (1.6-11) unstable; urgency=low + + * Fixed Symlinks for $ARCHITECURE != i386. (Closes: #92280) + + -- Christian Kurz Sat, 31 Mar 2001 18:34:42 +0200 + +john (1.6-10) unstable; urgency=low + + * Fixed the symlinks, since we didn't notice that we broke them with + the 1.6-8 release. Now, it should work fine again. (Closes: #91824) + + -- Christian Kurz Wed, 28 Mar 2001 08:22:18 +0200 + +john (1.6-9) unstable; urgency=low + + * Fixed the name of the override file for john and also it' + location. (Closes: #81218) + + -- Christian Kurz Sun, 25 Mar 2001 00:30:33 +0100 + +john (1.6-8) unstable; urgency=low + + * Fixed the startup script for john to correctly use bash. + + -- Christian Kurz Thu, 1 Mar 2001 20:00:13 +0100 + +john (1.6-7) unstable; urgency=low + + * Fixed a typo to build john also on Alpha (Closes: #83696) + + -- Christian Kurz Sat, 27 Jan 2001 09:13:13 +0100 + +john (1.6-6) unstable; urgency=low + + * Added sparc-fix from Solar Designer (Closes: #81756). + * Changed rules file to build two different versions of john, one with + mmx extensions, and one without. + * Added wrapper script to start john. + + -- Christian Kurz Fri, 12 Jan 2001 22:31:05 +0100 + +john (1.6-5) unstable; urgency=low + + * Moved overrides file to correct location (Closes: 81218). + * Added 3 lines to overrides file for the symlinks. + + -- Christian Kurz Thu, 4 Jan 2001 20:51:32 +0100 + +john (1.6-4) unstable; urgency=low + + * Hopefully I fixed now the logfile-path-bug. + + -- Christian Kurz Fri, 8 Dec 2000 22:26:26 +0100 + +john (1.6-3) unstable; urgency=low + + * Fixed pre-rm to allow removal of package (Closes: 74091). + + -- Christian Kurz Thu, 5 Oct 2000 21:55:51 +0200 + +john (1.6-2) unstable; urgency=low + + * Changed debian/rules to be faster and more portable. + * Fixed prerm-script to run only on purges. + * Fixed some pathes to better defaults. + + -- Christian Kurz Mon, 15 May 2000 19:37:07 +0200 + +john (1.6-1) unstable; urgency=low + + * First Debian release. + + -- Christian Kurz Sat, 1 Apr 2000 12:23:57 +0200 --- john-1.7.2.orig/debian/manpages +++ john-1.7.2/debian/manpages @@ -0,0 +1,5 @@ +debian/man/john.8 +debian/man/mailer.8 +debian/man/unafs.8 +debian/man/unique.8 +debian/man/unshadow.8 --- john-1.7.2.orig/debian/examples +++ john-1.7.2/debian/examples @@ -0,0 +1 @@ +debian/extra/ldap-extract --- john-1.7.2.orig/debian/rules +++ john-1.7.2/debian/rules @@ -0,0 +1,109 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +include /usr/share/quilt/quilt.make + +ARCH := $(shell dpkg-architecture -qDEB_HOST_ARCH) +CPU := $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU) +CFLAGS = -DJOHN_SYSTEMWIDE -g -c -Wall +DEST = $(CURDIR)/debian/john + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + STRIP += -s +endif + +ifeq ($(ARCH),i386) + TARGET := linux-x86-any +else + ifeq ($(ARCH),alpha) + TARGET := linux-alpha + else + TARGET := generic + endif +endif + +build: build-stamp +build-stamp: $(QUILT_STAMPFN) + dh_testdir + + # GCC segfaults on ARM if -funroll-loops is used. + # Please see #476460 +ifeq ($(CPU),arm) + $(MAKE) OPT_NORMAL= CFLAGS="$(CFLAGS)" -C src/ $(TARGET) +else + $(MAKE) CFLAGS="$(CFLAGS)" -C src/ $(TARGET) +endif + +ifeq ($(ARCH),i386) + mv $(CURDIR)/run/john $(CURDIR)/run/john-any + $(MAKE) -C src/ clean + $(MAKE) CFLAGS="$(CFLAGS)" -C src/ linux-x86-mmx + mv $(CURDIR)/run/john $(CURDIR)/run/john-mmx +endif + touch $@ + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp configure-stamp +ifeq ($(ARCH),i386) + -rm -f $(CURDIR)/run/john-any $(CURDIR)/run/john-mmx +endif + [ ! -f $(CURDIR)/src/Makefile ] || $(MAKE) -C src/ clean + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + dh_install + + chmod -c 755 $(DEST)/usr/share/john/cronjob + +ifeq ($(ARCH),i386) + install -d $(DEST)/usr/lib/john + install $(STRIP) $(CURDIR)/run/john-any $(DEST)/usr/lib/john/john-any + install $(STRIP) $(CURDIR)/run/john-mmx $(DEST)/usr/lib/john/john-mmx + install -m 755 $(CURDIR)/debian/extra/john $(DEST)/usr/sbin/john +else + install $(STRIP) $(CURDIR)/run/john $(DEST)/usr/sbin/john +endif + +binary-common: + dh_testdir + dh_testroot + dh_installchangelogs doc/CHANGES + dh_installdocs + dh_installexamples + dh_installcron +# dh_installdebconf + dh_installman + #dh_lintian + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary-indep: build install + $(MAKE) -f debian/rules DH_OPTIONS=-i binary-common + +binary-arch: build install + $(MAKE) -f debian/rules DH_OPTIONS=-s binary-common + +binary: binary-indep binary-arch + +.PHONY: build clean binary-indep binary-arch binary install --- john-1.7.2.orig/debian/links +++ john-1.7.2/debian/links @@ -0,0 +1,3 @@ +usr/sbin/john usr/sbin/unafs +usr/sbin/john usr/sbin/unique +usr/sbin/john usr/sbin/unshadow --- john-1.7.2.orig/debian/prerm +++ john-1.7.2/debian/prerm @@ -0,0 +1,20 @@ +#!/bin/sh +set -e + +case $1 in +remove) + /usr/share/john/cronjob stop + ;; + +upgrade|failed-upgrade|deconfigure) + # These cases need no actions here + : + ;; + +*) + echo "$0: undocumented call: $@" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/copyright +++ john-1.7.2/debian/copyright @@ -0,0 +1,124 @@ +Source: http://www.openwall.com/john/ + +Files: src/NT_fmt.c (from debian/patches/01-add_NTLM-MD4.patch) + src/mscash_fmt.c (from debian/patches/02-add_MS-Credential-Cache.patch) +Copyright: © 2007, Alain Espinosa +License: PD +==> NT_fmt.c <== + /* NTLM patch for john (performance improvement) + * + * Written by Alain Espinosa in 2007 + * and placed in the public domain. + */ +==> mscash_fmt.c <== + /* MSCASH patch for john (performance improvement) + * + * Written by Alain Espinosa in 2007 + * and placed in the public domain. + */ + +Files: src/NETLM_fmt.c (from debian/patches/03-add_NetLM-NetNTLM.patch) + src/NETNTLM_fmt.c (from debian/patches/03-add_NetLM-NetNTLM.patch) +Copyright: © 2007, JoMo-Kun +License: PD +==> NETLM_fmt.c <== + /* + * NETLM_fmt.c -- LM Challenge/Response + * + * Written by JoMo-Kun in 2007 + * and placed in the public domain. +==> NETNTLM_fmt.c <== + /* + * NETNTLM_fmt.c -- NTLM Challenge/Response + * + * Written by JoMo-Kun in 2007 + * and placed in the public domain. + +Files: debian/* +Copyright: © 2008, David Paleino + © 2004-2006, Guilherme de S. Pastore + © 2003-2004, Javier Fernandez-Sanguino Peña + © 2000-2004, Christian Kurz +License: GPL-2+ + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your option) + any later version. + +Files: src/crc32.{c,h} +Copyright: © 1998-2005, Solar Designer +License: PD + +Files: src/nonstd.c + src/sboxes.c +Copyright: © 1998, Matthew Kwan +License: PD-like +==> nonstd.c <== + /* + * Generated S-box files. + * + * This software may be modified, redistributed, and used for any purpose, + * so long as its origin is acknowledged. + * + * Produced by Matthew Kwan - May 1998 + */ +==> sboxes.c <== + /* + * Generated S-box files. + * + * This software may be modified, redistributed, and used for any purpose, + * so long as its origin is acknowledged. + * + * Produced by Matthew Kwan - March 1998 + */ + +Files: src/x86-64.S +Copyright: © 2000-2006, Solar Designer + © 1998, Matthew Kwan +License: PD-like + /* + * This file is part of John the Ripper password cracker, + * Copyright (c) 2000-2001,2005,2006 by Solar Designer and others: + * + * The optimized S-box expressions are based on work by Matthew Kwan (see + * nonstd.c and sboxes.c). S1-S5 and S7 are based on nonstd.c, whereas S6 + * and S8 are based on sboxes.c. + */ + +Files: src/x86-mmx.S + src/x86-sse.S +Copyright: © 2000-2006, Solar Designer + © 1998, Matthew Kwan + © Bruce Ford + © Rémi Guyomarch +License: PD-like +==> x86-mmx.S <== + /* + * This file is part of John the Ripper password cracker, + * Copyright (c) 2000-2001,2005,2006 by Solar Designer and others: + * + * The MMX DES S-box code is by Bruce Ford and Rémi Guyomarch, originally + * for use in the distributed.net clients, included here with permission. + * Only minor modifications have been made to their S-box code. Optimized + * S-box expressions are based on work by Matthew Kwan (see nonstd.c). + * + * Note: there's some MMX code in x86.S as well. + */ +==> x86-sse.S <== + /* + * This file is part of John the Ripper password cracker, + * Copyright (c) 2000-2001,2005,2006 by Solar Designer and others: + * + * The MMX DES S-box code that this SSE2 DES S-box code is derived from + * is by Bruce Ford and Rémi Guyomarch, originally for use in the + * distributed.net clients, included here with permission. Only minor + * modifications have been made to their S-box code. The optimized S-box + * expressions are based on work by Matthew Kwan (see nonstd.c). + */ + +Files: * +Copyright: © 1996-2006, Alexander Peslyak a.k.a. Solar Designer +License: GPL-2+ + +On Debian systems, the complete text of the GNU General Public License v2 can be +found in `/usr/share/common-licenses/GPL-2'. --- john-1.7.2.orig/debian/install +++ john-1.7.2/debian/install @@ -0,0 +1,6 @@ +run/john.conf /etc/john/ + +debian/extra/cronjob /usr/share/john/ +debian/extra/mailer /usr/sbin +debian/extra/john-mail.msg /etc/john +debian/extra/john-mail.conf /etc/john --- john-1.7.2.orig/debian/watch +++ john-1.7.2/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://www.openwall.com/john/ f/john-(\d+.*)\.tar\.gz --- john-1.7.2.orig/debian/postinst +++ john-1.7.2/debian/postinst @@ -0,0 +1,66 @@ +#!/bin/sh +set -e + +# Versions earlier than 1.6-34 and later than (perhaps) 1.6-19 include +# /var/run/john as mode 0755, which could allow users to read cracked +# passwords. Later versions fixed the permissions of the included +# directory, but dpkg doesn't automatically make changes to directory +# modes. +fixperms () +{ + p=/var/run/john + # If the admin has an override, don't touch it + # (even if the override is to mode 0700?) + dpkg-statoverride --list $p >/dev/null && return + curmod=`stat -c %a $p` + [ $(( 0$curmod & 07077 )) -eq 0 ] && return + chmod -v 0700 $p +} + +# Commit conffile move from preinst +rm_conffile_do () +{ + c=0 + # a=1 is a search if the files exist, + # a=2 is removal of those which do + for a in 1 2; do + for f in john-mail.conf john-mail.msg john.ini; do + g=/etc/$f.moved_by_preinst + [ -e $g ] || continue + c=$(( $c + 1 )) + [ "$a" -eq 1 ] && break + echo -n " " + rm -fv $g + done + + [ "$c" -eq 0 ] && return + [ "$a" -eq 1 ] || continue + echo "Committing removal of unmodified conffiles:" + done >&2 +} + +case $1 in +configure|abort-upgrade|abort-remove|abort-deconfigure) + fixperms + rm_conffile_do + + # this state file has moved to /var/lib/john quite some time ago + old=/usr/share/john/restore + new=/var/lib/john/restore + + if [ -e $old ] ; then + if [ -e $new ] ; then + rm -f $old + else + mv -f $old $new + fi + fi + ;; + +*) + echo "$0: undocumented call $@" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/preinst +++ john-1.7.2/debian/preinst @@ -0,0 +1,61 @@ +#!/bin/sh +set -e + +# Relocate a conffile from one location to another; it is removed iff +# unmodified, and moved iff modified. +# The undo path is postrm abort-install|abort-upgrade. +# $1 is the old pathname of the conffile, +# $2 is the new pathname of the conffile. +mv_conffile () +{ + [ ! -f "$1" ] && return + if [ -e "$2" ] ; then + echo "Not moving conffile $1 to $2; new file exists" + return + fi + + orgmd5=`dpkg-query -W -f='${Conffiles}' dpkg | cut -d' ' -f3` + curmd5=`md5sum $1 |sed -e 's/ .*//'` + if [ "$orgmd5" = "$curmd5" ]; then + # conffile unmodified; prepare to remove it, allowing + # dpkg to install a new copy to the new location + # before "configuration" + echo "Preparing to remove unmodified conffile:" + echo -n " " + mv -fv $1 $1.moved_by_preinst + else + # conffile modified by admin; relocate it, causing + # dpkg to prompt, as intended + echo "Relocating modified conffile to new location:" + echo -n " " + mv -fv $1 $2 + fi >&2 +} + +p1=/etc +p2=/etc/john +case $1 in +install|upgrade) + [ -d $p2 ] || mkdir $p2 + if dpkg --compare-versions "$2" le-nl 1.6-27; then + mv_conffile $p1/john.ini $p2/john.conf + mv_conffile $p1/john-mail.conf $p2/john-mail.conf + mv_conffile $p1/john-mail.msg $p2/john-mail.msg + + # No need to remove the obsolete conffile + # /etc/cron.daily/john, since old prerm does so + # unconditionally (and there is nothing we can do to stop it) + fi + ;; + +abort-upgrade) + # This case needs no actions here + ;; + +*) + echo "$0: undocumented call: $@" + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/README.wordlists +++ john-1.7.2/debian/README.wordlists @@ -0,0 +1,47 @@ +John the Ripper and word lists +------------------------------ +(or how to remove the false sense of security) + +The Debian version of John the Ripper can be configured to run as a +cron job, which will make it periodically check the passwords used +on the system in order to determine if they are really "secure" +(that is, not easy to guess or crack by brute force). + +Currently, john provides its own word list for password cracking, which +contains a lot of common passwords, as provided by john's author, and +can be found on /usr/share/john/password.lst. However, user passwords +strongly depend on the mother tongue and the cultural background, hence, +the default word list alone might not be ideal for every system. + +This is the reason why, in some cases, installing john and running it +often might give sense of security that is not necessarily true. While +you think it will be able to guess easy passwords, it it only able to +guess easy and common English passwords. + +If you think this is the case, there are a number of wordlists you can +use: provided by Debian or other sources (FTP servers related to security +often provide a directory with those). + +Some spell checkers in Debian provide the word lists used by them (26 at +the time of writing these lines). They may be useful to look for passwords +based on words, and are available for many foreign languages. You can see +the list of packages providing wordlists by running + +$ grep-available -e wordlist -n -F Provides -s package + +Notice that there are some other Debian packages (such as 'jargon') that +might provide word lists useful for password-checking purposes too. + +Some word lists suitable for password cracking can be found on, among +others: + ftp://ftp.zedz.net/pub/crypto/wordlists/ + ftp://ftp.cerias.purdue.edu/pub/dict/ + ftp://ftp.ox.ac.uk/pub/wordlists/ + +They are not simply dictionaries, but a compendium of common names, +heroes, popular teams, etc., which may provide even more useful input +for john. + +-- +The Debian Maintainers of john +Tue, 19 Jul 2005 14:15:15 -0300 --- john-1.7.2.orig/debian/john-data.dirs +++ john-1.7.2/debian/john-data.dirs @@ -0,0 +1 @@ +/usr/share/john --- john-1.7.2.orig/debian/john-data.install +++ john-1.7.2/debian/john-data.install @@ -0,0 +1,2 @@ +run/*.chr /usr/share/john/ +run/password.lst /usr/share/john/ --- john-1.7.2.orig/debian/dirs +++ john-1.7.2/debian/dirs @@ -0,0 +1,7 @@ +etc/cron.d +etc/john +usr/lib +usr/sbin +usr/share/john +var/lib/john +var/run/john --- john-1.7.2.orig/debian/docs +++ john-1.7.2/debian/docs @@ -0,0 +1,11 @@ +doc/CONFIG +doc/CREDITS +doc/EXAMPLES +doc/EXTERNAL +doc/README +doc/FAQ +doc/MODES +doc/OPTIONS +doc/RULES +debian/README.wordlists +debian/extra/CONFIG.mailer --- john-1.7.2.orig/debian/cron.d +++ john-1.7.2/debian/cron.d @@ -0,0 +1,14 @@ +# +# Start john everyday at the same to try to crack the passwords. The +# second line will then later stop the process so that it doesn't +# consume system resources that are needed otherwise. You are +# encouraged to change the times. +# +# Also notice that John is 'nice'd, if you don't like this (you +# believe that your system can run fine with john doing its work) +# just remove the 'nice' call +# +# JOHN_OPTIONS = foo bar (man 5 crontab) +# +#00 1 * * * root [ -x /usr/share/john/cronjob ] && nice /usr/share/john/cronjob start +#00 7 * * * root [ -x /usr/share/john/cronjob ] && /usr/share/john/cronjob stop --- john-1.7.2.orig/debian/extra/cronjob +++ john-1.7.2/debian/extra/cronjob @@ -0,0 +1,199 @@ +#!/bin/bash +# +# This script runs every day, trying to crack passwords, and then calls +# mailer to warn the users (and maybe also root) about that. + +# One of two options should be passed to this script: +# start -- start running john +# stop -- stops running john +# The script will run/stop john (as a background process if started) +# and exit. + +# The time when the script is called can be configured in /etc/cron.d/john + +# You can pass options to john in /etc/cron.d/john. See john(1) for the possible +# options, and include them after "JOHN_OPTIONS=" below. + +JOHNDIR=/usr/sbin +PASSWD=/etc/passwd +SHADOW=/etc/shadow +RUNDIR=/var/lib/john +PIDDIR=/var/run/john +RESTORE=$RUNDIR/restore + +PASSFILE=`grep -v ^# /etc/john/john-mail.conf | grep -e "[ ]*passfile[ ]*=[ ]*" | sed -e "s/#.*//" -e "s/.*=[ ]*//" |head -1` +cd $RUNDIR + +# Gets the PID of the process that should be running john, +# and sends SIGHUP to it. +# +john_stop() +{ + + RESTOREFILE="" + if [ -f $RESTORE ]; then + RESTOREFILE=`grep ^$PASSFILE $RESTORE` + fi + + if [ -f $PIDDIR/john.pid ] + then + # Stop john, we don't really care too much about the error + # messages (just in case, the john cronjob might have finished + # its job and exited) + /sbin/start-stop-daemon --stop -q -o --pidfile $PIDDIR/john.pid 2>&1 >/dev/null + rm $PIDDIR/john.pid + else + # Try the old (deprecated) method if we don't have a piddfile + john_stop_all + fi + + + # Once finished we determine if we need to mail anything + rm -f /var/lock/john + if [ ! -z "$RESTOREFILE" -a -f "$RESTOREFILE" ] ; then + # But use the latest shadow file + TMPFILE=`mktemp $PASSFILE.XXXXXX` || exit 1 + chmod og-rwx $TMPFILE + if [ -n "$SHADOW" -a -f "$SHADOW" ]; then + $JOHNDIR/unshadow $PASSWD $SHADOW >> $TMPFILE + else + cat $PASSWD >> $TMPFILE + fi + # Move to the directory where john.pot resides + OUTPUT=`$JOHNDIR/mailer $TMPFILE 2>&1` + # Mailer mails to root if there is something relevant + # this could be done by configuring john-mail.msg too.. + if [ -n "$OUTPUT" ]; then + echo $OUTPUT + fi + rm -f $TMPFILE + fi +} + +# Gets the PID of all the processes called "john" processes, try to checks +# which one we want, and sends SIGHUP to it. +# +john_stop_all() +{ + +PID=`/bin/pidof john` +for p in $PID; do + PROCPATH=$(readlink /proc/$p/exe) + RELEVANTPATH=`echo $PROCPATH | sed -e"s^$JOHNDIR/john.*^$JOHNDIR/john^"` + if [ "$RELEVANTPATH" = $JOHNDIR/john ]; then + kill -2 $p + fi +done + +} + +# Starts john +# +john_start() +{ + +if [ -z $PASSFILE ]; then + mail -s "John cronjob is not configured yet!" root <> $TMPFILE + else + cat $PASSWD >> $TMPFILE + fi +fi + +# We capture the output of john, and check if there was a line with +# "guesses: 0" in it. If not, then either john exited abnormally, or +# passwords were guessed -- and in both cases we send all the output +# to stdout. +# +if [ ! -f /var/lock/john -a ! -f $PIDDIR/john.pid ]; then + touch /var/lock/john + + # Run john in background + # TODO: start-stop-daemon is flexible enought we could run + # it using a different user + if [ -z "$RESTORE_OPTION" ] ; then + /sbin/start-stop-daemon --start --chdir $RUNDIR -b -m \ + --pidfile $PIDDIR/john.pid --exec $JOHNDIR/john -- \ + $JOHN_OPTIONS $TMPFILE > /dev/null + else + # Note: If we are restoring the session all the options are already + # there... + /sbin/start-stop-daemon --start --chdir $RUNDIR -b -m \ + --pidfile $PIDDIR/john.pid --exec $JOHNDIR/john -- \ + $RESTORE_OPTION $JOHN_OPTIONS $TMPFILE > /dev/null + fi +else + PID=`cat $PIDDIR/john.pid` + # Redundant check (just in case) + PROCPATH=$(readlink /proc/$PID/exe) + RELEVANTPATH=`echo $PROCPATH | sed -e"s^$JOHNDIR/john.*^$JOHNDIR/john^"` + if [ "$RELEVANTPATH" = $JOHNDIR/john ]; then + mail -s "John is already running" root <new("localhost") or die $@; +$ldap->bind($ARGV[2], password => $ARGV[3], version => 3) or die "Cannot bind to ldap server $ARGV[2]: $!"; +my $res = $ldap->search(base => $ARGV[1], scope => "sub", attrs => + [qw(cn uid userPassword loginShell homeDirectory uidNumber gidNumber)],filter => "cn=*"); +my $x = $res->as_struct; +foreach (keys %$x) +{ + print $x->{$_}->{uid}->[0]; + my $pw = $x->{$_}->{userpassword}->[0]; + if ($pw =~ /^\{crypt\}(.*)$/) + { + $pw = $1; + } +# else +# { +# $pw =~ s/^\{.+\}/\$1\$/; +# } + print ":$pw"; + foreach my $i (qw(uidnumber gidnumber cn homedirectory loginshell)) + { + print ":", $x->{$_}->{$i}->[0]; + } + print "\n"; +} +$ldap->unbind; + +exit 0; --- john-1.7.2.orig/debian/extra/john +++ john-1.7.2/debian/extra/john @@ -0,0 +1,14 @@ +#!/bin/bash -e + +MYNAME=john +if [ -n $0 ]; then + MYNAME=$(basename $0) +fi + +if grep -q '^flags.* mmx' /proc/cpuinfo; then + exec -a $MYNAME /usr/lib/john/john-mmx $* +else + exec -a $MYNAME /usr/lib/john/john-any $* +fi + +exit 0 --- john-1.7.2.orig/debian/extra/mailer +++ john-1.7.2/debian/extra/mailer @@ -0,0 +1,53 @@ +#!/bin/sh +# +# This file is part of John the Ripper password cracker, +# Copyright (c) 1996-98 by Solar Designer +# + +if [ $# -ne 1 ]; then + echo "Usage: $0 PASSWORD-FILE" + exit 0 +fi + +if [ ! -f /etc/john/john-mail.conf ]; then + echo "Couldn't find /etc/john/john-mail.conf -- stopping!" + exit 0 +fi + +if [ ! -f /etc/john/john-mail.msg ]; then + echo "Couldn't find /etc/john/john-mail.msg -- stopping!" + exit 0 +fi + +# In Debian, john should be in /usr/sbin. "john" binaries in other +# locations should not be used. +JOHNDIR=/usr/sbin + +# Let's get stuff from conf file: +SHELLS=`grep -e "^[ ]*shells[ ]*=[ ]*" /etc/john/john-mail.conf | sed "s/.*=[ ]*//"` +MAILCMD=`grep -e "^[ ]*mailcmd[ ]*=[ ]*" /etc/john/john-mail.conf | sed "s/.*=[ ]*//"` +MAILARGS=`grep -e "^[ ]*mailargs[ ]*=[ ]*" /etc/john/john-mail.conf | sed "s/.*=[ ]*//"` + +# Let's start +$JOHNDIR/john -show "$1" -shells:$SHELLS | sed -n 's/:.*//p' | +( + SENT=0 + + while read LOGIN; do + echo Sending mail to "$LOGIN"... + +# Sends a message to each user; a template is in /etc/john/john.msg +# Subject, Reply-to, and other header lines should be put +# at the top of that file. + sed -e 's/@LOGIN/'$LOGIN'/g' \ + -e 's/@HOSTNAME/'$(hostname)'/g' /etc/john/john-mail.msg | + $MAILCMD $MAILARGS $LOGIN + + SENT=$(($SENT+1)) + done + + if [ ! $SENT -eq 0 ]; then + echo "John has cracked $SENT passwords. If you want to see them," + echo "use john -show . (See john(1) for details)." + fi +) --- john-1.7.2.orig/debian/extra/john-mail.msg +++ john-1.7.2/debian/extra/john-mail.msg @@ -0,0 +1,8 @@ +Subject: Bad password! + +Hello! + +Your password for account @LOGIN at host @HOSTNAME is too easy! +Please change it as soon as possible. + +John the Ripper, an automated password cracker. --- john-1.7.2.orig/debian/extra/CONFIG.mailer +++ john-1.7.2/debian/extra/CONFIG.mailer @@ -0,0 +1,59 @@ +This version of john has two new conffiles for the mailer script: + +/etc/john/john-mail.conf +----------------------- + +This is where you define the command used to send messages to users, +and the shells to be ignored when sending the messages. A working +example is already installed. + +You can set the shells to be ignored, for example: + +shells=-,/bin/false,/dev/null,/bin/sync,/usr/bin/falselogin + +The default is set to: + +shells=-,/bin/false,/dev/null,/bin/sync + +And you may set the command used to send the message (the message +will be piped into this command): + +mailcmd=/usr/sbin/sendmail + +That is the default. If you use sendmail, or if your mailer provides +a "sendmail" executable, you may use the above line. + +And if you want to pass extra arguments to your mailer, set +mailargs: + +mailargs= ... + +The default is not to define mailargs. + +/etc/john/john-mail.msg +----------------------- + +This is the message template to be sent to the user. In the message, +the strings @LOGIN and @HOSTNAME will be substituted for the user's +login and the host name. + +If you use sendmail as mail command, you may include the headers +at the top of the template message, like this: + + +============================================================= +Subject: Gotcha! +Cc: root + +Just cracked your password for account @LOGIN at @HOSTNAME. +Please change it. + +John the Ripper. +============================================================= + +You may also use some binary of yours as the mail command; then it +will be called, and the template (with the variables already +substituted) will be piped into it. This may be useful if you want +to use complex logging (using a DBMS, for example), or if you +want to automatically run scripts (that block the account, +perhaps?) --- john-1.7.2.orig/debian/extra/john-mail.conf +++ john-1.7.2/debian/extra/john-mail.conf @@ -0,0 +1,25 @@ +# Sample configuration file for john. +# + +# These are the shells that should be ignored by john. If you +# install falselogin, for example, you may want to add it to +# the list. +shells=-,/bin/false,/dev/null,/bin/sync + +# This is the mail command. You may actually use any program +# here; the message in /etc/john/john-mail.msg will be piped into it, +# with the login name and host name substituted. +# You may want to use a program to log information about +# weak passwords (but that means sensitive information would be +# kept somewhere - be careful!) +mailcmd=/usr/sbin/sendmail + +# The passfile directive specifies a *temporary* file which will have +# the contents of /etc/passwd and /etc/shadow while the john cronjob +# is running. +# +# ***WARNING***: this will be a copy of your password file, that will +# be broken by the end of the operation. DO *NOT* PUT THE PATH FOR YOUR +# REAL PASSWORD FILE HERE, OR IT WILL BE LOST. Simply specify a location +# that is considered safe for john to put a copy of the password file. +passfile=/var/run/john/cronpasswd --- john-1.7.2.orig/debian/man/john.8 +++ john-1.7.2/debian/man/john.8 @@ -0,0 +1,218 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" john.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH JOHN 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +john \- a tool to find weak passwords of your users +.SH SYNOPSIS +.B john +.RI [ options ] "password-files" +.SH DESCRIPTION +This manual page documents briefly the +.B john +command. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. John can use a dictionary or some search +pattern as well as a password file to check for passwords. John supports +different cracking modes and understands many ciphertext formats, like +several DES variants, MD5 and blowfish. It can also be used to extract AFS +and Windows NT passwords. +.SH USAGE +To use John, you just need to supply it a password file and the desired +options. If no mode is specified, john will try "single" first, then +"wordlist" and finally "incremental". +.P +Once John finds a password, it will be printed to the terminal and saved +into a file called ~/john.pot. John will read this file when it restarts +so it doesn't try to crack already done passwords. +.P +To see the cracked passwords, use +.P +john \-show passwd +.P +Important: do this under the same directory where the password was cracked +(when using the cronjob, /var/lib/john), otherwise it won't work. +.P +While cracking, you can press any key for status, or Ctrl+C to abort the +session, saving point information to a file ( +.I ~/restore +by default). By the +way, if you press Ctrl+C twice John will abort immediately without saving. +The point information is also saved every 10 minutes (configurable in the +configuration file, +.I ~/john.ini +) in case of a crash. +.P +To continue an interrupted session, run: +.P +john \-restore +.P +Now, you may notice that many accounts have a disabled shell, you can make +John ignore these (assume that shell is called +.I /etc/expired +): +.P +john \-show \-shells:\-/etc/expired passwd +.P +You might want to mail all the users who got weak passwords, +to tell them to change the passwords. It's not always a good idea though +(unfortunately, lots of people seem to ignore such mail, it can be used +as a hint for crackers, etc), but anyway, I'll assume you know what you're +doing. Get a copy of the 'mailer' script supplied with John, so you won't +change anything that's under +.I /usr/bin +; edit the message it sends, and +possibly the mail command inside it (especially if the password file is +from a different box than you got John running on). +Then run: +.P + ./mailer passwd +.P +Anyway, you probably should have a look at +.I /usr/share/doc/john/OPTIONS +for a list of all the command line options, and at +.I /usr/share/doc/john/EXAMPLES +for more John usage examples with other cracking modes. +.SH OPTIONS +All the options recognized by john start with a single dash (`\-'). +A summary of options is included below. +.TP +.B \-external:MODE +Enables an external mode, using external functions defined in ~/john.ini's +[List.External:MODE] section. +.TP +.B \-format:NAME +Allows you to override the ciphertext format detection. Currently, valid +format names are DES, BSDI, MD5, BF, AFS, LM. You can use this option when +cracking or with '\-test'. Note that John can't crack password files with +different ciphertext formats at the same time. +.TP +.B \-groups:[\-]GID[,..] +Tells John to load users of the specified group(s) only. +.TP +.B \-incremental[:MODE] +Enables the incremental mode, using the specified ~/john.ini definition +(section [Incremental:MODE], or [Incremental:All] by default). +.TP +.B \-makechars:FILE +Generates a charset file, based on character frequencies from ~/john.pot, +for use with the incremental mode. The entire ~/john.pot will be used for +the charset file unless you specify some password files. You can also use +an external filter() routine with this option. +.TP +.B \-restore[:FILE] +Continues an interrupted cracking session, reading point information from +the specified file (~/restore by default). +.TP +.B \-rules +Enables wordlist rules, that are read from [List.Rules:Wordlist]. +.TP +.B \-salts:[\-]COUNT +This feature sometimes allows to achieve better performance. For example +you can crack only some salts using '\-salts:2' faster, and then crack the +rest using '\-salts:\-2'. Total cracking time will be about the same, but +you will get some passwords cracked earlier. +.TP +.B \-savemem:LEVEL +You might need this option if you don't have enough memory, or don't want +John to affect other processes too much. Level 1 tells John not to waste +memory on login names, so you won't see them while cracking. Higher levels +have a performance impact: you should probably avoid using them unless John +doesn't work or gets into swap otherwise. +.TP +.B \-session:FILE +Allows you to specify another point information file's name to use for +this cracking session. This is useful for running multiple instances of +John in parallel, or just to be able to recover an older session later, +not always continue the latest one. +.TP +.B \-shells:[\-]SHELL[,..] +This option is useful to load accounts with a valid shell only, or not to +load accounts with a bad shell. You can omit the path before a shell name, +so '\-shells:csh' will match both '/bin/csh' and '/usr/bin/csh', while +\'\-shells:/bin/csh' will only match '/bin/csh'. +.TP +.B \-show +Shows the cracked passwords in a convenient form. You should also specify +the password files. You can use this option while another John is cracking, +to see what it did so far. +.TP +.B \-single +Enables the "single crack" mode, using rules from [List.Rules:Single]. +.TP +.B \-status[:FILE] +Prints status of an interrupted or running session. To get an up to date +status information of a detached running session, send that copy of John +a SIGHUP before using this option. +.TP +.B \-stdin +These are used to enable the wordlist mode (reading from stdin). +.TP +.B \-stdout[:LENGTH] +When used with a cracking mode, except for "single crack", makes John +print the words it generates to stdout instead of cracking. While applying +wordlist rules, the significant password length is assumed to be LENGTH, +or unlimited by default. +.TP +.B \-test +Benchmarks all the enabled ciphertext format crackers, and tests them for +correct operation at the same time. +.TP +.B \-users:[\-]LOGIN|UID[,..] +Allows you to filter a few accounts for cracking, etc. A dash before the +list can be used to invert the check (that is, load all the users that +aren't listed). +.TP +.B \-wordlist:FILE +These are used to enable the wordlist mode, reading words from FILE. +.SH MODES +John can work in the following modes: +.TP +\fBWordlist\fP +John will simply use a file with a list of words that will be checked +against the passwords. See RULES for the format of wordlist files. +.TP +\fBSingle crack\fP +In this mode, john will try to crack the password using the login/GECOS +information as passwords. +.TP +\fBIncremental\fP +This is the most powerful mode. John will try any character combination +to resolve the password. +Details about these modes can be found in the MODES file in john's +documentation, including how to define your own cracking methods. +.SH FILES +.TP +.I /etc/john/john.conf +is where you configure how john will behave. +.TP +.I /etc/john/john\-mail.msg +has the message sent to users when their passwords are successfully cracked. +.TP +.I /etc/john/john\-mail.conf +is used to configure how john will send messages to users that had their passwords +cracked. +.P +.SH SEE ALSO +.BR mailer (8), +.BR unafs (8), +.BR unique (8), +.BR unshadow (8), +.PP +The programs and the configuration files are documented fully by John's +documentation, which should be available in \fI/usr/share/doc/john\fP or +other location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach +and Jeronimo Pellegrini , for the +Debian GNU/Linux system (but may be used by others). +.br +John the Ripper was written by Solar Designer . +The complete list of contributors can be found in the CREDITS file +in the documentation directory. --- john-1.7.2.orig/debian/man/unique.8 +++ john-1.7.2/debian/man/unique.8 @@ -0,0 +1,41 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unique.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNIQUE 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unique \- removes duplicates from a wordlist +.SH SYNOPSIS +.B unique +\fIoutput-file\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unique +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br +The \fBunique\fP tool finds and removes duplicate entries from a +wordlist (read from stdin), without changing the order. This is important +to increase the performance of john when using the wordlist method. +.SH SEE ALSO +.BR john (8), +.BR mailer (8), +.BR unafs (8), +.BR unshadow (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/man/unafs.8 +++ john-1.7.2/debian/man/unafs.8 @@ -0,0 +1,40 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unafs.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNAFS 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unafs \- script to warn users about their weak passwords +.SH SYNOPSIS +.B unafs +\fIpassword-files cell-name\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unafs +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br +The \fBunafs\fP tool gets password hashes out of the binary AFS +database, and produces a file usable by John. +.SH SEE ALSO +.BR john (8), +.BR mailer (8), +.BR unique (8), +.BR unshadow (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/man/unshadow.8 +++ john-1.7.2/debian/man/unshadow.8 @@ -0,0 +1,43 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unshadow.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNSHADOW 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unshadow \- combines passwd and shadow files +.SH SYNOPSIS +.B unshadow +\fIpassword-file shadow-file\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unshadow +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.PP +The \fBunshadow\fP tool combines the passwd and shadow files so John can +use them. You might need this since if you only used your shadow file, the +GECOS information wouldn't be used by the "single crack" mode, and also you +wouldn't be able to use the '\-shells' option. On a normal system you'll need +to run unshadow as root to be able to read the shadow file. +.SH SEE ALSO +.BR john (8), +.BR mailer (8), +.BR unafs (8), +.BR unique (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/man/mailer.8 +++ john-1.7.2/debian/man/mailer.8 @@ -0,0 +1,44 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" mailer.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH MAILER 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +mailer \- script to warn users about their weak passwords +.SH SYNOPSIS +.B mailer +\fIpassword-files\fP +.SH DESCRIPTION +This manual page documents briefly the +.B mailer +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br +The \fBmailer\fP tool is useful to inform users which have been found to +be using weak passwords by mail. +.P +You should edit the message mailer will send to the users, but remember to +copy the script to a safe place before editing it, as it's +generally a bad idea to modify things living in /usr. +.SH SEE ALSO +.BR john (8), +.BR unafs (8), +.BR unique (8), +.BR unshadow (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/patches/00-remove_funroll-loops.patch +++ john-1.7.2/debian/patches/00-remove_funroll-loops.patch @@ -0,0 +1,15 @@ +--- john.orig/src/Makefile ++++ john/src/Makefile +@@ -18,7 +18,11 @@ + CFLAGS = -c -Wall -O2 -fomit-frame-pointer + ASFLAGS = -c + LDFLAGS = -s +-OPT_NORMAL = -funroll-loops ++ ++# -funroll-loops set in debian/rules, for failed build on ARM. ++# Please see #476460 ++#OPT_NORMAL = -funroll-loops ++OPT_NORMAL = + OPT_INLINE = -finline-functions + + JOHN_OBJS_MINIMAL = \ --- john-1.7.2.orig/debian/patches/05-mipsel.patch +++ john-1.7.2/debian/patches/05-mipsel.patch @@ -0,0 +1,120 @@ +--- john-1.7.2.orig/src/Makefile ++++ john-1.7.2/src/Makefile +@@ -94,6 +94,8 @@ + @echo "linux-ppc32 Linux, PowerPC 32-bit" + # @echo "linux-ppc64-altivec Linux, PowerPC 64-bit w/AltiVec" + @echo "linux-ppc64 Linux, PowerPC 64-bit" ++ @echo "linux-mips Linux, MIPS" ++ @echo "linux-mipsel Linux, MIPSel" + @echo "freebsd-x86-sse2 FreeBSD, x86 with SSE2 (best)" + @echo "freebsd-x86-mmx FreeBSD, x86 with MMX" + @echo "freebsd-x86-any FreeBSD, x86" +@@ -251,6 +253,16 @@ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ + ASFLAGS="$(ASFLAGS) -DBSD" + ++linux-mips: mips.h ++ $(LN) mips.h arch.h ++ $(MAKE) $(PROJ) \ ++ JOHN_OBJS="$(BITSLICE_OBJS) $(JOHN_OBJS)" ++ ++linux-mipsel: mipsel.h ++ $(LN) mipsel.h arch.h ++ $(MAKE) $(PROJ) \ ++ JOHN_OBJS="$(BITSLICE_OBJS) $(JOHN_OBJS)" ++ + freebsd-x86-any-a.out: + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ +--- /dev/null ++++ john-1.7.2/src/mipsel.h +@@ -0,0 +1,43 @@ ++/* ++ * This file is part of John the Ripper password cracker, ++ * Copyright (c) 1996-98 by Solar Designer ++ */ ++ ++/* ++ * Architecture specific parameters for little-endian MIPS. ++ */ ++ ++#ifndef _JOHN_ARCH_H ++#define _JOHN_ARCH_H ++ ++#define ARCH_GENERIC 1 ++#define ARCH_WORD long ++#define ARCH_SIZE 4 ++#define ARCH_BITS 32 ++#define ARCH_BITS_STR "32" ++#define ARCH_LITTLE_ENDIAN 1 ++#define ARCH_INT_GT_32 0 ++#define ARCH_ALLOWS_UNALIGNED 0 ++#define ARCH_INDEX unsigned int ++ ++#define OS_TIMER 1 ++#define OS_FLOCK 1 ++ ++#define CPU_DETECT 0 ++ ++#define DES_ASM 0 ++#define DES_128K 0 ++#define DES_X2 0 ++#define DES_MASK 0 ++#define DES_SCALE 1 ++#define DES_EXTB 0 ++#define DES_COPY 1 ++#define DES_BS 0 ++ ++#define MD5_ASM 0 ++#define MD5_IMM 0 ++ ++#define BF_ASM 0 ++#define BF_SCALE 0 ++ ++#endif +--- /dev/null ++++ john-1.7.2/src/mips.h +@@ -0,0 +1,43 @@ ++/* ++ * This file is part of John the Ripper password cracker, ++ * Copyright (c) 1996-98 by Solar Designer ++ */ ++ ++/* ++ * Architecture specific parameters for big-endian MIPS. ++ */ ++ ++#ifndef _JOHN_ARCH_H ++#define _JOHN_ARCH_H ++ ++#define ARCH_GENERIC 1 ++#define ARCH_WORD long ++#define ARCH_SIZE 4 ++#define ARCH_BITS 32 ++#define ARCH_BITS_STR "32" ++#define ARCH_LITTLE_ENDIAN 0 ++#define ARCH_INT_GT_32 0 ++#define ARCH_ALLOWS_UNALIGNED 0 ++#define ARCH_INDEX unsigned int ++ ++#define OS_TIMER 1 ++#define OS_FLOCK 1 ++ ++#define CPU_DETECT 0 ++ ++#define DES_ASM 0 ++#define DES_128K 0 ++#define DES_X2 0 ++#define DES_MASK 0 ++#define DES_SCALE 1 ++#define DES_EXTB 0 ++#define DES_COPY 1 ++#define DES_BS 0 ++ ++#define MD5_ASM 0 ++#define MD5_IMM 0 ++ ++#define BF_ASM 0 ++#define BF_SCALE 0 ++ ++#endif --- john-1.7.2.orig/debian/patches/sysconf_clk_tck.diff +++ john-1.7.2/debian/patches/sysconf_clk_tck.diff @@ -0,0 +1,100 @@ +diff -Nur john-1.6/src/bench.c john-1.6.new/src/bench.c +--- john-1.6/src/bench.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/bench.c 2006-10-13 09:36:47.906521852 -0700 +@@ -9,6 +9,7 @@ + #include + #include + #include ++#include + + #include "times.h" + +@@ -103,7 +104,7 @@ + it.it_value.tv_sec = BENCHMARK_TIME; + if (setitimer(ITIMER_REAL, &it, NULL)) pexit("setitimer"); + #else +- sig_timer_emu_init(BENCHMARK_TIME * CLK_TCK); ++ sig_timer_emu_init(BENCHMARK_TIME * sysconf(_SC_CLK_TCK)); + #endif + + start_real = times(&buf); +@@ -144,8 +145,8 @@ + { + unsigned long cps_hi, cps_lo; + +- cps_hi = count * CLK_TCK / time; +- cps_lo = count * ((unsigned ARCH_WORD)CLK_TCK * 10) / time % 10; ++ cps_hi = count * sysconf(_SC_CLK_TCK) / time; ++ cps_lo = count * ((unsigned ARCH_WORD)sysconf(_SC_CLK_TCK) * 10) / time % 10; + + sprintf(buffer, cps_hi < 100 ? "%lu.%lu" : "%lu", cps_hi, cps_lo); + } +diff -Nur john-1.6/src/best.c john-1.6.new/src/best.c +--- john-1.6/src/best.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/best.c 2006-10-13 09:37:01.859218512 -0700 +@@ -9,6 +9,7 @@ + + #include + #include ++#include + + #include "params.h" + #include "common.h" +@@ -56,7 +57,7 @@ + fprintf(stderr, "FAILED\n"); + } else { + virtual = (unsigned long) +- (results.count * CLK_TCK * 10 / results.virtual); ++ (results.count * sysconf(_SC_CLK_TCK) * 10 / results.virtual); + + benchmark_cps(results.count, results.real, s_real); + benchmark_cps(results.count, results.virtual, s_virtual); +diff -Nur john-1.6/src/signals.c john-1.6.new/src/signals.c +--- john-1.6/src/signals.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/signals.c 2006-10-13 09:37:35.480897303 -0700 +@@ -9,6 +9,7 @@ + #include + #include + #include ++#include + + #ifdef __DJGPP__ + #include +@@ -217,7 +218,7 @@ + { + #if !OS_TIMER + signal(SIGALRM, sig_handle_timer); +- sig_timer_emu_init(TIMER_INTERVAL * CLK_TCK); ++ sig_timer_emu_init(TIMER_INTERVAL * sysconf(_SC_CLK_TCK)); + #else + struct sigaction sa; + struct itimerval it; +diff -Nur john-1.6/src/status.c john-1.6.new/src/status.c +--- john-1.6/src/status.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/status.c 2006-10-13 09:38:00.130128134 -0700 +@@ -7,6 +7,7 @@ + #include + #include + #include ++#include + + #include "times.h" + +@@ -35,7 +36,7 @@ + if (!status_restored_time) + memset(&status, 0, sizeof(status)); + status.start_time = +- get_time() - status_restored_time * CLK_TCK; ++ get_time() - status_restored_time * sysconf(_SC_CLK_TCK); + } + + status_get_progress = get_progress; +@@ -48,7 +49,7 @@ + + unsigned int status_get_time() + { +- return (get_time() - status.start_time) / CLK_TCK; ++ return (get_time() - status.start_time) / sysconf(_SC_CLK_TCK); + } + + static char *status_get_cps(char *buffer) --- john-1.7.2.orig/debian/patches/06-fix_paths.patch +++ john-1.7.2/debian/patches/06-fix_paths.patch @@ -0,0 +1,72 @@ +--- john-1.7.2.orig/src/params.h ++++ john-1.7.2/src/params.h +@@ -54,10 +54,10 @@ + + #if JOHN_SYSTEMWIDE + #ifndef JOHN_SYSTEMWIDE_EXEC /* please refer to the notes above */ +-#define JOHN_SYSTEMWIDE_EXEC "/usr/libexec/john" ++#define JOHN_SYSTEMWIDE_EXEC "/usr/lib/john" + #endif + #ifndef JOHN_SYSTEMWIDE_HOME +-#define JOHN_SYSTEMWIDE_HOME "/usr/share/john" ++#define JOHN_SYSTEMWIDE_HOME "/etc/john" + #endif + #define JOHN_PRIVATE_HOME "~/.john" + #endif +@@ -116,7 +116,7 @@ + #endif + #define LOG_SUFFIX ".log" + #define RECOVERY_SUFFIX ".rec" +-#define WORDLIST_NAME "$JOHN/password.lst" ++#define WORDLIST_NAME "/usr/share/john/password.lst" + + /* + * Configuration file section names. +--- john-1.7.2.orig/run/john.conf ++++ john-1.7.2/run/john.conf +@@ -5,7 +5,7 @@ + + [Options] + # Wordlist file name, to be used in batch mode +-Wordlist = $JOHN/password.lst ++Wordlist = /usr/share/john/password.lst + # Use idle cycles only + Idle = N + # Crash recovery file saving delay in seconds +@@ -323,31 +323,31 @@ + + # Incremental modes + [Incremental:All] +-File = $JOHN/all.chr ++File = /usr/share/john/all.chr + MinLen = 0 + MaxLen = 8 + CharCount = 95 + + [Incremental:Alpha] +-File = $JOHN/alpha.chr ++File = /usr/share/john/alpha.chr + MinLen = 1 + MaxLen = 8 + CharCount = 26 + + [Incremental:Digits] +-File = $JOHN/digits.chr ++File = /usr/share/john/digits.chr + MinLen = 1 + MaxLen = 8 + CharCount = 10 + + [Incremental:Alnum] +-File = $JOHN/alnum.chr ++File = /usr/share/john/alnum.chr + MinLen = 1 + MaxLen = 8 + CharCount = 36 + + [Incremental:LanMan] +-File = $JOHN/lanman.chr ++File = /usr/share/john/lanman.chr + MinLen = 0 + MaxLen = 7 + CharCount = 69 --- john-1.7.2.orig/debian/patches/series +++ john-1.7.2/debian/patches/series @@ -0,0 +1,8 @@ +#00-remove_funroll-loops.patch +01-add_NTLM-MD4.patch +02-add_MS-Credential-Cache.patch +03-add_NetLM-NetNTLM.patch +04-amd64.patch +05-mipsel.patch +06-fix_paths.patch +07-update_FAQ.patch --- john-1.7.2.orig/debian/patches/02-add_MS-Credential-Cache.patch +++ john-1.7.2/debian/patches/02-add_MS-Credential-Cache.patch @@ -0,0 +1,631 @@ +--- john-1.7.2.orig/src/Makefile ++++ john-1.7.2/src/Makefile +@@ -29,6 +29,7 @@ + AFS_fmt.o \ + LM_fmt.o \ + NT_fmt.o \ ++ mscash_fmt.o \ + batch.o bench.o charset.o common.o compiler.o config.o cracker.o \ + crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o \ + loader.o logger.o math.o memory.o misc.o options.o params.o path.o \ +--- john-1.7.2.orig/src/loader.c ++++ john-1.7.2/src/loader.c +@@ -308,6 +308,7 @@ + struct db_password *current_pw, *last_pw; + struct list_main *words; + size_t pw_size, salt_size; ++ extern struct fmt_main fmt_mscash; + + count = ldr_split_line(&login, &ciphertext, &gecos, &home, + NULL, &db->format, db->options, line); +@@ -333,6 +334,13 @@ + } + + for (index = 0; index < count; index++) { ++ if (db->format == &fmt_mscash) ++ { ++ piece = (char *) mem_alloc(strlen(login) + strlen(ciphertext) + 4); ++ sprintf(piece, "M$%s#%s", login, ciphertext); ++ ciphertext = piece; ++ } ++ + piece = format->methods.split(ciphertext, index); + + binary = format->methods.binary(piece); +@@ -665,6 +673,7 @@ + int pass, found, chars; + int hash; + struct db_cracked *current; ++ extern struct fmt_main fmt_mscash; + + format = NULL; + count = ldr_split_line(&login, &ciphertext, &gecos, &home, +@@ -676,6 +685,12 @@ + if (format) { + split = format->methods.split; + unify = format->params.flags & FMT_SPLIT_UNIFIES_CASE; ++ if(format == &fmt_mscash) ++ { ++ char * ciphertext2 = (char *) mem_alloc(strlen(login) + strlen(ciphertext) + 4); ++ sprintf(ciphertext2, "M$%s#%s", login, ciphertext); ++ ciphertext = ciphertext2; ++ } + } else { + split = fmt_default_split; + count = 1; +--- /dev/null ++++ john-1.7.2/src/mscash_fmt.c +@@ -0,0 +1,544 @@ ++/* MSCASH patch for john (performance improvement) ++ * ++ * Written by Alain Espinosa in 2007 ++ * and placed in the public domain. ++ */ ++ ++#include ++#include "arch.h" ++#include "misc.h" ++#include "memory.h" ++#include "common.h" ++#include "formats.h" ++ ++#define FORMAT_LABEL "mscash" ++#define FORMAT_NAME "M$ Cache Hash" ++ ++#define BENCHMARK_COMMENT "" ++#define BENCHMARK_LENGTH 0 ++ ++#define PLAINTEXT_LENGTH 27 ++#define MAX_CIPHERTEXT_LENGTH (2 + 32 + 1 + 32) ++ ++ ++static struct fmt_tests tests[] = { ++ {"M$test1#64cd29e36a8431a2b111378564a10631", "test1" }, ++ {"M$test2#ab60bdb4493822b175486810ac2abe63", "test2" }, ++ {"M$test3#14dd041848e12fc48c0aa7a416a4a00c", "test3" }, ++ {"M$test4#b945d24866af4b01a6d89b9d932a153c", "test4" }, ++ {NULL} ++}; ++ ++#define ALGORITHM_NAME "Generic 1x" ++ ++#define BINARY_SIZE 16 ++#define SALT_SIZE (11*4) ++ ++#define MS_NUM_KEYS 64 ++#define MIN_KEYS_PER_CRYPT MS_NUM_KEYS ++#define MAX_KEYS_PER_CRYPT MS_NUM_KEYS ++ ++ ++unsigned int ms_buffer1x[16*MS_NUM_KEYS]; ++unsigned int output1x[4*MS_NUM_KEYS]; ++ ++unsigned int crypt[4*MS_NUM_KEYS]; ++unsigned int last[4*MS_NUM_KEYS]; ++ ++unsigned int last_i[MS_NUM_KEYS]; ++char saved_plain[32*MS_NUM_KEYS]; ++ ++unsigned int *salt_buffer; ++unsigned int new_key; ++ ++//Init values ++#define INIT_A 0x67452301 ++#define INIT_B 0xefcdab89 ++#define INIT_C 0x98badcfe ++#define INIT_D 0x10325476 ++ ++#define SQRT_2 0x5a827999 ++#define SQRT_3 0x6ed9eba1 ++ ++static void init(void) ++{ ++ memset(ms_buffer1x,0,64*MS_NUM_KEYS); ++ memset(last_i,0,4*MS_NUM_KEYS); ++ new_key=1; ++} ++ ++static char * ms_split(char *ciphertext, int index) ++{ ++ static char out[MAX_CIPHERTEXT_LENGTH + 1]; ++ int i=0; ++ ++ for(; ciphertext[i] && i < MAX_CIPHERTEXT_LENGTH; i++) ++ out[i]=ciphertext[i]; ++ ++ out[i]=0; ++ ++ if (i >= 32) ++ strlwr(&out[i-32]); ++ ++ return out; ++} ++ ++static int valid(char *ciphertext) ++{ ++ unsigned int i; ++ unsigned int l; ++ ++ /* ++ * 2 cases ++ * 1 - it comes from the disk, and does not have M$ + salt ++ * 2 - it comes from memory, and has got M$ + salt + # + blah ++ */ ++ ++ if (!strncmp(ciphertext, "M$", 2)) ++ { ++ l = strlen(ciphertext); ++ if (l <= 32 || l > MAX_CIPHERTEXT_LENGTH) ++ return 0; ++ l -= 32; ++ if(ciphertext[l-1]!='#') ++ return 0; ++ } ++ else ++ { ++ if(strlen(ciphertext)!=32) ++ return 0; ++ l = 0; ++ } ++ for (i = l; i < l + 32; i++) ++ if (atoi16[ARCH_INDEX(ciphertext[i])] == 0x7F) ++ return 0; ++ ++ return 1; ++} ++ ++static void set_salt(void *salt) { ++ salt_buffer=salt; ++} ++ ++static void * get_salt(char * ciphertext) ++{ ++ //lenght=11 for save memory ++ //last position = 0 ++ //4 first position are crypt[?] ++ static unsigned int out[11]; ++ unsigned int md4_size=0; ++ ++ memset(out,0,44); ++ ++ ciphertext+=2; ++ ++ for(;;md4_size++) ++ if(ciphertext[md4_size]!='#' && md4_size < 19) ++ { ++ md4_size++; ++ ++ out[md4_size>>1] = ciphertext[md4_size-1] | ((ciphertext[md4_size]!='#') ? (ciphertext[md4_size]<<16) : 0x800000); ++ ++ if(ciphertext[md4_size]=='#') ++ break; ++ } ++ else ++ { ++ out[md4_size>>1] = 0x80; ++ break; ++ } ++ ++ out[10] = (8 + md4_size) << 4; ++ ++ return out; ++} ++ ++static void *get_binary(char *ciphertext) ++{ ++ static unsigned int out[4]; ++ unsigned int i=0; ++ unsigned int temp; ++ unsigned int * salt=get_salt(ciphertext); ++ ++ for(;ciphertext[0]!='#';ciphertext++); ++ ++ ciphertext++; ++ ++ for(; i<4 ;i++) ++ { ++ temp = (atoi16[ARCH_INDEX(ciphertext[i*8+0])])<<4; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+1])]); ++ ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+2])])<<12; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+3])])<<8; ++ ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+4])])<<20; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+5])])<<16; ++ ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+6])])<<28; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+7])])<<24; ++ ++ out[i]=temp; ++ } ++ ++ out[0] -= INIT_A; ++ out[1] -= INIT_B; ++ out[2] -= INIT_C; ++ out[3] -= INIT_D; ++ ++ // Reversed b += (c ^ d ^ a) + salt_buffer[11] + SQRT_3; b = (b << 15) | (b >> 17); ++ out[1] = (out[1] >> 15) | (out[1] << 17); ++ out[1] -= SQRT_3 + (out[2] ^ out[3] ^ out[0]); ++ // Reversed c += (d ^ a ^ b) + salt_buffer[3] + SQRT_3; c = (c << 11) | (c >> 21); ++ out[2] = (out[2] << 21) | (out[2] >> 11); ++ out[2]-= SQRT_3 + (out[3] ^ out[0] ^ out[1]) + salt[3]; ++ // Reversed d += (a ^ b ^ c) + salt_buffer[7] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ out[3] = (out[3] << 23) | (out[3] >> 9); ++ out[3] -= SQRT_3 + (out[0] ^ out[1] ^ out[2]) + salt[7]; ++ //+ SQRT_3; d = (d << 9 ) | (d >> 23); ++ out[3]=(out[3] << 23 ) | (out[3] >> 9); ++ out[3]-=SQRT_3; ++ ++ return out; ++} ++ ++static int binary_hash_0(void *binary) ++{ ++ return ((unsigned int*)binary)[3] & 0x0F; ++} ++ ++static int binary_hash_1(void *binary) ++{ ++ return ((unsigned int*)binary)[3] & 0xFF; ++} ++ ++static int binary_hash_2(void *binary) ++{ ++ return ((unsigned int*)binary)[3] & 0x0FFF; ++} ++ ++static int get_hash_0(int index) ++{ ++ return output1x[4*index+3] & 0x0F; ++} ++ ++static int get_hash_1(int index) ++{ ++ return output1x[4*index+3] & 0xFF; ++} ++ ++static int get_hash_2(int index) ++{ ++ return output1x[4*index+3] & 0x0FFF; ++} ++ ++void nt_hash(void) ++{ ++ unsigned int a; ++ unsigned int b; ++ unsigned int c; ++ unsigned int d; ++ unsigned int i=0; ++ ++ for(;i> 29); ++ d = INIT_D + (INIT_C ^ (a & 0x77777777)) + ms_buffer1x[16*i+1];d = (d << 7 ) | (d >> 25); ++ c = INIT_C + (INIT_B ^ (d & (a ^ INIT_B)))+ ms_buffer1x[16*i+2];c = (c << 11) | (c >> 21); ++ b = INIT_B + (a ^ (c & (d ^ a))) + ms_buffer1x[16*i+3];b = (b << 19) | (b >> 13); ++ ++ a += (d ^ (b & (c ^ d))) + ms_buffer1x[16*i+4] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + ms_buffer1x[16*i+5] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + ms_buffer1x[16*i+6] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a))) + ms_buffer1x[16*i+7] ;b = (b << 19) | (b >> 13); ++ ++ a += (d ^ (b & (c ^ d))) + ms_buffer1x[16*i+8] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + ms_buffer1x[16*i+9] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + ms_buffer1x[16*i+10] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a))) + ms_buffer1x[16*i+11] ;b = (b << 19) | (b >> 13); ++ ++ a += (d ^ (b & (c ^ d))) + ms_buffer1x[16*i+12] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + ms_buffer1x[16*i+13] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + ms_buffer1x[16*i+14] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a)))/*+ms_buffer1x[16*i+15]*/;b = (b << 19) | (b >> 13); ++ ++ /* Round 2 */ ++ a += ((b & (c | d)) | (c & d)) + ms_buffer1x[16*i+0] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + ms_buffer1x[16*i+4] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + ms_buffer1x[16*i+8] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a)) + ms_buffer1x[16*i+12] + SQRT_2; b = (b << 13) | (b >> 19); ++ ++ a += ((b & (c | d)) | (c & d)) + ms_buffer1x[16*i+1] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + ms_buffer1x[16*i+5] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + ms_buffer1x[16*i+9] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a)) + ms_buffer1x[16*i+13] + SQRT_2; b = (b << 13) | (b >> 19); ++ ++ a += ((b & (c | d)) | (c & d)) + ms_buffer1x[16*i+2] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + ms_buffer1x[16*i+6] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + ms_buffer1x[16*i+10] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a)) + ms_buffer1x[16*i+14] + SQRT_2; b = (b << 13) | (b >> 19); ++ ++ a += ((b & (c | d)) | (c & d)) + ms_buffer1x[16*i+3] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + ms_buffer1x[16*i+7] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + ms_buffer1x[16*i+11] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a))/*+ms_buffer1x[16*i+15]*/+SQRT_2; b = (b << 13) | (b >> 19); ++ ++ /* Round 3 */ ++ a += (b ^ c ^ d) + ms_buffer1x[16*i+0] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (a ^ b ^ c) + ms_buffer1x[16*i+8] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (d ^ a ^ b) + ms_buffer1x[16*i+4] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (c ^ d ^ a) + ms_buffer1x[16*i+12] + SQRT_3; b = (b << 15) | (b >> 17); ++ ++ a += (b ^ c ^ d) + ms_buffer1x[16*i+2] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (a ^ b ^ c) + ms_buffer1x[16*i+10] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (d ^ a ^ b) + ms_buffer1x[16*i+6] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (c ^ d ^ a) + ms_buffer1x[16*i+14] + SQRT_3; b = (b << 15) | (b >> 17); ++ ++ a += (b ^ c ^ d) + ms_buffer1x[16*i+1] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (a ^ b ^ c) + ms_buffer1x[16*i+9] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (d ^ a ^ b) + ms_buffer1x[16*i+5] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (c ^ d ^ a) + ms_buffer1x[16*i+13] + SQRT_3; b = (b << 15) | (b >> 17); ++ ++ a += (b ^ c ^ d) + ms_buffer1x[16*i+3] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (a ^ b ^ c) + ms_buffer1x[16*i+11] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (d ^ a ^ b) + ms_buffer1x[16*i+7] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (c ^ d ^ a) /*+ ms_buffer1x[16*i+15] */+ SQRT_3; b = (b << 15) | (b >> 17); ++ ++ crypt[4*i+0] = a + INIT_A; ++ crypt[4*i+1] = b + INIT_B; ++ crypt[4*i+2] = c + INIT_C; ++ crypt[4*i+3] = d + INIT_D; ++ ++ //Another MD4_crypt for the salt ++ /* Round 1 */ ++ a= 0xFFFFFFFF +crypt[4*i+0]; a=(a<<3 )|(a>>29); ++ d=INIT_D + ( INIT_C ^ ( a & 0x77777777)) +crypt[4*i+1]; d=(d<<7 )|(d>>25); ++ c=INIT_C + ( INIT_B ^ ( d & ( a ^ INIT_B))) +crypt[4*i+2]; c=(c<<11)|(c>>21); ++ b=INIT_B + ( a ^ ( c & ( d ^ a ))) +crypt[4*i+3]; b=(b<<19)|(b>>13); ++ ++ last[4*i+0]=a; ++ last[4*i+1]=b; ++ last[4*i+2]=c; ++ last[4*i+3]=d; ++ } ++} ++ ++static void crypt_all(int count) ++{ ++ unsigned int a; ++ unsigned int b; ++ unsigned int c; ++ unsigned int d; ++ unsigned int i=0; ++ ++ if(new_key) ++ { ++ new_key=0; ++ nt_hash(); ++ } ++ ++ for(;i> 29); ++ d += (c ^ (a & (b ^ c))) + salt_buffer[1] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + salt_buffer[2] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a))) + salt_buffer[3] ;b = (b << 19) | (b >> 13); ++ ++ a += (d ^ (b & (c ^ d))) + salt_buffer[4] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + salt_buffer[5] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + salt_buffer[6] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a))) + salt_buffer[7] ;b = (b << 19) | (b >> 13); ++ ++ a += (d ^ (b & (c ^ d))) + salt_buffer[8] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + salt_buffer[9] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + salt_buffer[10] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a)))/*+salt_buffer[11]*/;b = (b << 19) | (b >> 13); ++ ++ /* Round 2 */ ++ a += ((b & (c | d)) | (c & d)) + crypt[4*i+0] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + salt_buffer[0] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + salt_buffer[4] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a)) + salt_buffer[8] + SQRT_2; b = (b << 13) | (b >> 19); ++ ++ a += ((b & (c | d)) | (c & d)) + crypt[4*i+1] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + salt_buffer[1] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + salt_buffer[5] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a)) + salt_buffer[9] + SQRT_2; b = (b << 13) | (b >> 19); ++ ++ a += ((b & (c | d)) | (c & d)) + crypt[4*i+2] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + salt_buffer[2] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + salt_buffer[6] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a)) + salt_buffer[10] + SQRT_2; b = (b << 13) | (b >> 19); ++ ++ a += ((b & (c | d)) | (c & d)) + crypt[4*i+3] + SQRT_2; a = (a << 3 ) | (a >> 29); ++ d += ((a & (b | c)) | (b & c)) + salt_buffer[3] + SQRT_2; d = (d << 5 ) | (d >> 27); ++ c += ((d & (a | b)) | (a & b)) + salt_buffer[7] + SQRT_2; c = (c << 9 ) | (c >> 23); ++ b += ((c & (d | a)) | (d & a))/*+ salt_buffer[11]*/+ SQRT_2; b = (b << 13) | (b >> 19); ++ ++ /* Round 3 */ ++ a += (b ^ c ^ d) + crypt[4*i+0] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (a ^ b ^ c) + salt_buffer[4] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (d ^ a ^ b) + salt_buffer[0] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (c ^ d ^ a) + salt_buffer[8] + SQRT_3; b = (b << 15) | (b >> 17); ++ ++ a += (b ^ c ^ d) + crypt[4*i+2] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (a ^ b ^ c) + salt_buffer[6] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (d ^ a ^ b) + salt_buffer[2] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (c ^ d ^ a) + salt_buffer[10] + SQRT_3; b = (b << 15) | (b >> 17); ++ ++ a += (b ^ c ^ d) + crypt[4*i+1] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (a ^ b ^ c) + salt_buffer[5]; ++ ++ output1x[4*i+0]=a; ++ output1x[4*i+1]=b; ++ output1x[4*i+2]=c; ++ output1x[4*i+3]=d; ++ } ++} ++ ++static int cmp_all(void *binary, int count) ++{ ++ unsigned int i=0; ++ unsigned int d=((unsigned int *)binary)[3]; ++ ++ for(;i> 23); ++ ++ c += (d ^ a ^ b) + salt_buffer[1] + SQRT_3; c = (c << 11) | (c >> 21); ++ if(c!=t[2]) ++ return 0; ++ ++ b += (c ^ d ^ a) + salt_buffer[9] + SQRT_3; b = (b << 15) | (b >> 17); ++ if(b!=t[1]) ++ return 0; ++ ++ a += (b ^ c ^ d) + crypt[4*index+3]+ SQRT_3; a = (a << 3 ) | (a >> 29); ++ return (a==t[0]); ++} ++ ++static int cmp_exact(char *source, int index) ++{ ++ // This check its for the unreal case of collisions. ++ // It verify that the salts its the same. ++ unsigned int *salt=get_salt(source); ++ unsigned int i=0; ++ for(;i<11;i++) ++ if(salt[i]!=salt_buffer[i]) ++ return 0; ++ return 1; ++} ++ ++static void set_key(char *key, int index) ++{ ++ unsigned int md4_size=0; ++ unsigned int i=0; ++ unsigned int temp; ++ unsigned int saved_base=index<<5; ++ unsigned int buff_base=index<<4; ++ ++ for(;key[md4_size] && md4_size>1; ++ ++ ms_buffer1x[buff_base+14] = md4_size << 4; ++ ++ //new password_candidate ++ new_key=1; ++} ++ ++static char *get_key(int index) ++{ ++ return saved_plain+(index<<5); ++} ++ ++int salt_hash(void *salt) ++{ ++ return ((unsigned char*)salt)[0]; ++} ++ ++struct fmt_main fmt_mscash = { ++ { ++ FORMAT_LABEL, ++ FORMAT_NAME, ++ ALGORITHM_NAME, ++ BENCHMARK_COMMENT, ++ BENCHMARK_LENGTH, ++ PLAINTEXT_LENGTH, ++ BINARY_SIZE, ++ SALT_SIZE, ++ MIN_KEYS_PER_CRYPT, ++ MAX_KEYS_PER_CRYPT, ++ FMT_CASE | FMT_8_BIT | FMT_SPLIT_UNIFIES_CASE, ++ tests ++ }, { ++ init, ++ valid, ++ ms_split, ++ get_binary, ++ get_salt, ++ { ++ binary_hash_0, ++ binary_hash_1, ++ binary_hash_2 ++ }, ++ salt_hash, ++ set_salt, ++ set_key, ++ get_key, ++ fmt_default_clear_keys, ++ crypt_all, ++ { ++ get_hash_0, ++ get_hash_1, ++ get_hash_2 ++ }, ++ cmp_all, ++ cmp_one, ++ cmp_exact ++ } ++}; +--- john-1.7.2.orig/src/options.c ++++ john-1.7.2/src/options.c +@@ -101,7 +101,7 @@ + "--salts=[-]COUNT load salts with[out] at least COUNT passwords " \ + "only\n" \ + "--format=NAME force ciphertext format NAME: " \ +- "DES/BSDI/MD5/BF/AFS/LM/NT\n" \ ++ "DES/BSDI/MD5/BF/AFS/LM/NT/mscash\n" \ + "--save-memory=LEVEL enable memory saving, at LEVEL 1..3\n" + + void opt_init(char *name, int argc, char **argv) +--- john-1.7.2.orig/src/john.c ++++ john-1.7.2/src/john.c +@@ -39,6 +39,7 @@ + extern struct fmt_main fmt_DES, fmt_BSDI, fmt_MD5, fmt_BF; + extern struct fmt_main fmt_AFS, fmt_LM; + extern struct fmt_main fmt_NT; ++extern struct fmt_main fmt_mscash; + + extern int unshadow(int argc, char **argv); + extern int unafs(int argc, char **argv); +@@ -66,6 +67,7 @@ + john_register_one(&fmt_AFS); + john_register_one(&fmt_LM); + john_register_one(&fmt_NT); ++ john_register_one(&fmt_mscash); + + + if (!fmt_list) { --- john-1.7.2.orig/debian/patches/04-amd64.patch +++ john-1.7.2/debian/patches/04-amd64.patch @@ -0,0 +1,104 @@ +--- john-1.7.2.orig/src/loader.c ++++ john-1.7.2/src/loader.c +@@ -32,7 +32,7 @@ + #define issep \ + "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~\177" + +-static char issep_map[0x100]; ++static unsigned char issep_map[0x100]; + static int issep_initialized = 0; + + static void read_file(struct db_main *db, char *name, int flags, +@@ -68,7 +68,7 @@ + + static void ldr_init_issep(void) + { +- char *pos; ++ unsigned char *pos; + + if (issep_initialized) return; + +@@ -282,7 +282,7 @@ + + static void ldr_split_string(struct list_main *dst, char *src) + { +- char *word, *pos; ++ unsigned char *word, *pos; + + pos = src; + do { +--- john-1.7.2.orig/src/rules.c ++++ john-1.7.2/src/rules.c +@@ -126,9 +126,9 @@ + for (pos = 0; (out[pos] = (conv)[ARCH_INDEX(in[pos])]); pos++); \ + } + +-static void rules_init_class(char name, char *valid) ++static void rules_init_class(unsigned char name, char *valid) + { +- char *pos, inv; ++ unsigned char *pos, inv; + + rules_classes[ARCH_INDEX(name)] = + mem_alloc_tiny(0x100, MEM_ALIGN_NONE); +@@ -163,7 +163,7 @@ + rules_init_class('x', CHARS_LOWER CHARS_UPPER CHARS_DIGITS); + } + +-static char *rules_init_conv(char *src, char *dst) ++static char *rules_init_conv(unsigned char *src, char *dst) + { + char *conv; + int pos; +@@ -215,7 +215,7 @@ + rules_errno = RULES_ERROR_NONE; + } + +-char *rules_reject(char *rule, struct db_main *db) ++char *rules_reject(unsigned char *rule, struct db_main *db) + { + while (RULE) + switch (LAST) { +@@ -257,10 +257,10 @@ + return rule - 1; + } + +-char *rules_apply(char *word, char *rule, int split) ++char *rules_apply(char *word, unsigned char *rule, int split) + { +- static char buffer[3][RULE_WORD_SIZE * 2]; +- char *in = buffer[0], *out = buffer[1]; ++ static unsigned char buffer[3][RULE_WORD_SIZE * 2]; ++ unsigned char *in = buffer[0], *out = buffer[1]; + char memory[RULE_WORD_SIZE]; + int memory_empty, which; + char value, *class; +@@ -653,7 +653,7 @@ + int rules_check(struct rpp_context *start, int split) + { + struct rpp_context ctx; +- char *rule; ++ unsigned char *rule; + int count; + + rules_errno = RULES_ERROR_NONE; +--- john-1.7.2.orig/src/rules.h ++++ john-1.7.2/src/rules.h +@@ -51,7 +51,7 @@ + * error. If the database is NULL, all rules are accepted (to be used + * for syntax checking). + */ +-extern char *rules_reject(char *rule, struct db_main *db); ++extern char *rules_reject(unsigned char *rule, struct db_main *db); + + /* + * Applies rule to a word. Returns the updated word, or NULL if rejected or +@@ -61,7 +61,7 @@ + * split == 0 "single crack" mode, only one word + * split < 0 other cracking modes, "single crack" mode rules are invalid + */ +-extern char *rules_apply(char *word, char *rule, int split); ++extern char *rules_apply(char *word, unsigned char *rule, int split); + + /* + * Checks if all the rules for context are valid. Returns the number of rules, --- john-1.7.2.orig/debian/patches/makefile.diff +++ john-1.7.2/debian/patches/makefile.diff @@ -0,0 +1,105 @@ +--- john-1.6.orig/src/Makefile ++++ john-1.6/src/Makefile +@@ -116,13 +116,13 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" ++ CFLAGS="$(CFLAGS) -mcpu=i486" + + linux-x86-mmx-elf: + $(LN) x86-mmx.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" ++ CFLAGS="$(CFLAGS) -mcpu=i486" + + linux-x86-k6-elf: + $(LN) x86-k6.h arch.h +@@ -133,10 +133,10 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG" + +-linux-alpha: ++linux-alpha: alpha.h + $(LN) alpha.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(BITSLICE_OBJS) $(JOHN_OBJS) alpha.o" +@@ -146,9 +146,9 @@ + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) alpha.o" + +-linux-sparc: +- $(MAKE) HAMMER=use-linux-sparc sparc.h +- ln -s sparc.h arch.h ++linux-sparc: ++ $(MAKE) use-linux-sparc HAMMER=use-linux-sparc NAIL=sparc.h ++ $(LN) sparc.h arch.h + $(MAKE) use-linux-sparc NAIL="$(PROJ)" + + use-linux-sparc: +@@ -160,7 +160,7 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG -DBSD" + + freebsd-x86-k6-a.out: +@@ -173,14 +173,14 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DBSD" + + freebsd-x86-mmx-elf: + $(LN) x86-mmx.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DBSD" + + freebsd-x86-k6-elf: +@@ -193,7 +193,7 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG -DBSD" + + openbsd-x86-k6: +@@ -260,7 +260,7 @@ + $(MAKE) $(PROJ) \ + SHELL=/bin/sh \ + JOHN_OBJS="$(JOHN_OBJS) solaris-x86.o" \ +- CFLAGS="$(CFLAGS) -m486" ++ CFLAGS="$(CFLAGS) -mcpu=i486" + + solaris-x86-k6: + $(RM) arch.h +@@ -340,14 +340,14 @@ + copy x86-any.h arch.h + $(MAKE) $(PROJ_DOS) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG" + + dos-djgpp-x86-mmx: + copy x86-mmx.h arch.h + $(MAKE) $(PROJ_DOS) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG" + + dos-djgpp-x86-k6: --- john-1.7.2.orig/debian/patches/07-update_FAQ.patch +++ john-1.7.2/debian/patches/07-update_FAQ.patch @@ -0,0 +1,11 @@ +--- john-1.7.2.orig/doc/FAQ ++++ john-1.7.2/doc/FAQ +@@ -70,6 +70,8 @@ + + Q: Where do I get wordlists for use with John? + A: http://www.openwall.com/wordlists/ ++A: Please also read /usr/share/doc/john/README.wordlists for more ++information on getting wordlists to use with John. + + Q: Where do I get new versions of John the Ripper? + Q: Where do I get the source code for John? --- john-1.7.2.orig/debian/patches/03-add_NetLM-NetNTLM.patch +++ john-1.7.2/debian/patches/03-add_NetLM-NetNTLM.patch @@ -0,0 +1,1264 @@ +--- john-1.7.2.orig/src/Makefile ++++ john-1.7.2/src/Makefile +@@ -18,6 +18,7 @@ + CFLAGS = -c -Wall -O2 -fomit-frame-pointer + ASFLAGS = -c + LDFLAGS = -s ++LIBS = -lcrypto + OPT_NORMAL = -funroll-loops + OPT_INLINE = -finline-functions + +@@ -30,6 +31,9 @@ + LM_fmt.o \ + NT_fmt.o \ + mscash_fmt.o \ ++ NETLM_fmt.o \ ++ NETNTLM_fmt.o \ ++ md4.o smbencrypt.o \ + batch.o bench.o charset.o common.o compiler.o config.o cracker.o \ + crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o \ + loader.o logger.o math.o memory.o misc.o options.o params.o path.o \ +@@ -659,7 +663,7 @@ + $(LD) $(LDFLAGS) $(BENCH_OBJS) -o bench + + ../run/john: $(JOHN_OBJS) +- $(LD) $(LDFLAGS) $(JOHN_OBJS) -o ../run/john ++ $(LD) $(LDFLAGS) $(JOHN_OBJS) -o ../run/john $(LIBS) + + ../run/unshadow: ../run/john + $(RM) ../run/unshadow +--- /dev/null ++++ john-1.7.2/src/NETLM_fmt.c +@@ -0,0 +1,249 @@ ++/* ++ * NETLM_fmt.c -- LM Challenge/Response ++ * ++ * Written by JoMo-Kun in 2007 ++ * and placed in the public domain. ++ * ++ * This algorithm is designed for performing brute-force cracking of the LM ++ * challenge/response pairs exchanged during network-based authentication ++ * attempts [1]. The captured challenge/response pairs from these attempts ++ * should be stored using the L0phtCrack 2.0 LC format, specifically: ++ * username:unused:unused:lm response:ntlm response:challenge. For example: ++ * ++ * CORP\Administrator:::25B2B477CE101D83648BB087CE7A1C217F51C7FC64C0EBB1:: ++ * C8BD0C1630A9ECF7A95F494A8F0B2CB4A3F25B1225514304:1122334455667788 ++ * ++ * It should be noted that a LM authentication response is not same as a LM ++ * password hash, which can be extracted using tools such as FgDump [2]. LM ++ * responses can be gathered via normal network capture or via tools which ++ * perform layer 2 attacks, such as Ettercap [3] and Cain [4]. The responses can ++ * also be harvested using a modified Samba service [5] in conjunction with ++ * some trickery to convince the user to connect to it. I leave what that ++ * trickery may actually be as an exercise for the reader (HINT: Karma, NMB ++ * broadcasts, IE, Outlook, social engineering, ...). ++ * ++ * [1] http://davenport.sourceforge.net/ntlm.html#theLmResponse ++ * [2] http://www.foofus.net/fizzgig/fgdump/ ++ * [3] http://ettercap.sourceforge.net/ ++ * [4] http://www.oxid.it/cain.html ++ * [5] http://www.foofus.net/jmk/smbchallenge.html ++ * ++ */ ++ ++#include ++#include ++ ++#include "misc.h" ++#include "common.h" ++#include "formats.h" ++ ++#include ++ ++#ifndef uchar ++#define uchar unsigned char ++#endif ++ ++#define FORMAT_LABEL "netlm" ++#define FORMAT_NAME "LM C/R DES" ++#define ALGORITHM_NAME "netlm" ++#define BENCHMARK_COMMENT "" ++#define BENCHMARK_LENGTH 0 ++#define PLAINTEXT_LENGTH 14 ++#define BINARY_SIZE 24 ++#define SALT_SIZE 8 ++#define CIPHERTEXT_LENGTH 48 ++#define TOTAL_LENGTH 8 + 2 * SALT_SIZE + CIPHERTEXT_LENGTH ++#define MIN_KEYS_PER_CRYPT 1 ++#define MAX_KEYS_PER_CRYPT 1 ++ ++static struct fmt_tests tests[] = { ++ {"$NETLM$1122334455667788$6E1EC36D3417CE9E09A4424309F116C4C991948DAEB4ADAD", "G3RG3P00!"}, ++ {"$NETLM$1122334455667788$16A7FDFE0CA109B937BFFB041F0E5B2D8B94A97D3FCA1A18", "HIYAGERGE"}, ++ {"$NETLM$1122334455667788$B3A1B87DBBD4DF3CFA296198DD390C2F4E2E93C5C07B1D8B", "MEDUSAFGDUMP12"}, ++ {"$NETLM$1122334455667788$0836F085B124F33895875FB1951905DD2F85252CC731BB25", "CORY21"}, ++ {NULL} ++}; ++ ++static char saved_plain[PLAINTEXT_LENGTH + 1]; ++static uchar challenge[SALT_SIZE + 1]; ++static uchar output[BINARY_SIZE + 1]; ++ ++static int netlm_valid(char *ciphertext) ++{ ++ char *pos; ++ ++ if (strncmp(ciphertext, "$NETLM$", 5)!=0) return 0; ++ if (ciphertext[23] != '$') return 0; ++ ++ for (pos = &ciphertext[24]; atoi16[ARCH_INDEX(*pos)] != 0x7F; pos++); ++ if (!*pos && pos - ciphertext - 24 == CIPHERTEXT_LENGTH) ++ return 1; ++ else ++ return 0; ++} ++ ++static char *netlm_split(char *ciphertext, int index) ++{ ++ static char out[TOTAL_LENGTH + 1]; ++ ++ memset(out, 0, TOTAL_LENGTH + 1); ++ memcpy(&out, ciphertext, TOTAL_LENGTH); ++ strlwr(&out[6]); /* Exclude: $NETLM$ */ ++ ++ return out; ++} ++ ++static void *netlm_get_binary(char *ciphertext) ++{ ++ static uchar binary[BINARY_SIZE]; ++ int i; ++ ++ ciphertext+=24; ++ for (i=0; i> 1); ++ key[2] = (key_56[1] << 6) | (key_56[2] >> 2); ++ key[3] = (key_56[2] << 5) | (key_56[3] >> 3); ++ key[4] = (key_56[3] << 4) | (key_56[4] >> 4); ++ key[5] = (key_56[4] << 3) | (key_56[5] >> 5); ++ key[6] = (key_56[5] << 2) | (key_56[6] >> 6); ++ key[7] = (key_56[6] << 1); ++ ++ des_set_key(&key, *ks); ++} ++ ++static void netlm_crypt_all(int count) ++{ ++ static unsigned char magic[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; ++ des_key_schedule ks; ++ unsigned char password[14 + 1]; ++ unsigned char lm[21]; ++ ++ memset(password, 0, 14 + 1); ++ memset(lm, 0, 21); ++ memset(output, 0, 24); ++ ++ strncpy((char *) password, saved_plain, 14); ++ ++ /* Generate 16-byte LM hash */ ++ setup_des_key(password, &ks); ++ des_ecb_encrypt((des_cblock*)magic, (des_cblock*)lm, ks, DES_ENCRYPT); ++ setup_des_key(&password[7], &ks); ++ des_ecb_encrypt((des_cblock*)magic, (des_cblock*)&lm[8], ks, DES_ENCRYPT); ++ ++ /* ++ NULL-pad 16-byte LM hash to 21-bytes ++ Split resultant value into three 7-byte thirds ++ DES-encrypt challenge using each third as a key ++ Concatenate three 8-byte resulting values to form 24-byte LM response ++ */ ++ setup_des_key(lm, &ks); ++ des_ecb_encrypt((des_cblock*)challenge, (des_cblock*)output, ks, DES_ENCRYPT); ++ setup_des_key(&lm[7], &ks); ++ des_ecb_encrypt((des_cblock*)challenge, (des_cblock*)&output[8], ks, DES_ENCRYPT); ++ setup_des_key(&lm[14], &ks); ++ des_ecb_encrypt((des_cblock*)challenge, (des_cblock*)&output[16], ks, DES_ENCRYPT); ++} ++ ++static int netlm_cmp_all(void *binary, int count) ++{ ++ return !memcmp(output, binary, BINARY_SIZE); ++} ++ ++static int netlm_cmp_one(void *binary, int index) ++{ ++ return !memcmp(output, binary, BINARY_SIZE); ++} ++ ++static int netlm_cmp_exact(char *source, int index) ++{ ++ return !memcmp(output, netlm_get_binary(source), BINARY_SIZE); ++} ++ ++static void *netlm_get_salt(char *ciphertext) ++{ ++ static unsigned char binary_salt[SALT_SIZE]; ++ int i; ++ ++ ciphertext += 7; ++ for (i = 0; i < SALT_SIZE; ++i) ++ binary_salt[i] = (atoi16[ARCH_INDEX(ciphertext[i*2])] << 4) + atoi16[ARCH_INDEX(ciphertext[i*2+1])]; ++ ++ return (void*)binary_salt; ++} ++ ++static void netlm_set_salt(void *salt) ++{ ++ memcpy(challenge, salt, SALT_SIZE); ++} ++ ++static void netlm_set_key(char *key, int index) ++{ ++ int i; ++ ++ memset(saved_plain, 0, PLAINTEXT_LENGTH + 1); ++ strncpy(saved_plain, key, PLAINTEXT_LENGTH); ++ ++ /* Upper-case password */ ++ for(i=0; i= 'a') && (saved_plain[i] <= 'z')) saved_plain[i] ^= 0x20; ++} ++ ++static char *netlm_get_key(int index) ++{ ++ return saved_plain; ++} ++ ++struct fmt_main fmt_NETLM = { ++ { ++ FORMAT_LABEL, ++ FORMAT_NAME, ++ ALGORITHM_NAME, ++ BENCHMARK_COMMENT, ++ BENCHMARK_LENGTH, ++ PLAINTEXT_LENGTH, ++ BINARY_SIZE, ++ SALT_SIZE, ++ MIN_KEYS_PER_CRYPT, ++ MAX_KEYS_PER_CRYPT, ++ FMT_8_BIT | FMT_BS | FMT_SPLIT_UNIFIES_CASE, ++ tests ++ }, { ++ fmt_default_init, ++ netlm_valid, ++ netlm_split, ++ netlm_get_binary, ++ netlm_get_salt, ++ { ++ fmt_default_binary_hash, ++ fmt_default_binary_hash, ++ fmt_default_binary_hash ++ }, ++ fmt_default_salt_hash, ++ netlm_set_salt, ++ netlm_set_key, ++ netlm_get_key, ++ fmt_default_clear_keys, ++ netlm_crypt_all, ++ { ++ fmt_default_get_hash, ++ fmt_default_get_hash, ++ fmt_default_get_hash ++ }, ++ netlm_cmp_all, ++ netlm_cmp_one, ++ netlm_cmp_exact ++ } ++}; +--- /dev/null ++++ john-1.7.2/src/NETNTLM_fmt.c +@@ -0,0 +1,223 @@ ++/* ++ * NETNTLM_fmt.c -- NTLM Challenge/Response ++ * ++ * Written by JoMo-Kun in 2007 ++ * and placed in the public domain. ++ * ++ * This algorithm is designed for performing brute-force cracking of the NTLM ++ * (version 1) challenge/response pairs exchanged during network-based ++ * authentication attempts [1]. The captured challenge/response pairs from these ++ * attempts should be stored using the L0phtCrack 2.0 LC format, specifically: ++ * username:unused:unused:lm response:ntlm response:challenge. For example: ++ * ++ * CORP\Administrator:::25B2B477CE101D83648BB087CE7A1C217F51C7FC64C0EBB1:: ++ * C8BD0C1630A9ECF7A95F494A8F0B2CB4A3F25B1225514304:1122334455667788 ++ * ++ * It should be noted that a NTLM authentication response is not same as a NTLM ++ * password hash, which can be extracted using tools such as FgDump [2]. NTLM ++ * responses can be gathered via normal network capture or via tools which ++ * perform layer 2 attacks, such as Ettercap [3] and Cain [4]. The responses can ++ * also be harvested using a modified Samba service [5] in conjunction with ++ * some trickery to convince the user to connect to it. I leave what that ++ * trickery may actually be as an exercise for the reader (HINT: Karma, NMB ++ * broadcasts, IE, Outlook, social engineering, ...). ++ * ++ * [1] http://davenport.sourceforge.net/ntlm.html#theNtLmResponse ++ * [2] http://www.foofus.net/fizzgig/fgdump/ ++ * [3] http://ettercap.sourceforge.net/ ++ * [4] http://www.oxid.it/cain.html ++ * [5] http://www.foofus.net/jmk/smbchallenge.html ++ * ++ */ ++ ++#include ++#include ++ ++#include "misc.h" ++#include "common.h" ++#include "formats.h" ++ ++#include ++ ++#ifndef uchar ++#define uchar unsigned char ++#endif ++ ++#define FORMAT_LABEL "netntlm" ++#define FORMAT_NAME "NTLMv1 C/R MD4 DES" ++#define ALGORITHM_NAME "netntlm" ++#define BENCHMARK_COMMENT "" ++#define BENCHMARK_LENGTH 0 ++#define PLAINTEXT_LENGTH 54 /* ?127? */ ++#define BINARY_SIZE 24 ++#define SALT_SIZE 8 ++#define CIPHERTEXT_LENGTH 48 ++#define TOTAL_LENGTH 10 + 2 * SALT_SIZE + CIPHERTEXT_LENGTH ++#define MIN_KEYS_PER_CRYPT 1 ++#define MAX_KEYS_PER_CRYPT 1 ++ ++static struct fmt_tests tests[] = { ++ {"$NETNTLM$1122334455667788$BFCCAF26128EC95F9999C9792F49434267A1D9B0EF89BFFB", "g3rg3g3rg3g3rg3"}, ++ {"$NETNTLM$1122334455667788$E463FAA5D868ECE20CAE622474A2F440A652D642156AF863", "M1xedC4se%^&*@)##(blahblah!@#"}, ++ {"$NETNTLM$1122334455667788$35B62750E1B9B3205C50D6BA351092C12A1B9B3CDC65D44A", "FooBarGerg"}, ++ {"$NETNTLM$1122334455667788$A4765EBFE83D345A7CB1660B8899251905164029F8086DDE", "visit www.foofus.net"}, ++ {"$NETNTLM$1122334455667788$B2B2220790F40C88BCFF347C652F67A7C4A70D3BEBD70233", "cory21"}, ++ {NULL} ++}; ++ ++static char saved_plain[PLAINTEXT_LENGTH + 1]; ++static uchar challenge[SALT_SIZE + 1]; ++static uchar output[BINARY_SIZE + 1]; ++ ++extern void E_md4hash(uchar *passwd, uchar *p16); ++extern void setup_des_key(unsigned char key_56[], des_key_schedule *ks); ++ ++static int netntlm_valid(char *ciphertext) ++{ ++ char *pos; ++ ++ if (strncmp(ciphertext, "$NETNTLM$", 9)!=0) return 0; ++ if (ciphertext[25] != '$') return 0; ++ ++ for (pos = &ciphertext[26]; atoi16[ARCH_INDEX(*pos)] != 0x7F; pos++); ++ if (!*pos && pos - ciphertext - 26 == CIPHERTEXT_LENGTH) ++ return 1; ++ else ++ return 0; ++} ++ ++static char *netntlm_split(char *ciphertext, int index) ++{ ++ static char out[TOTAL_LENGTH + 1]; ++ ++ memset(out, 0, TOTAL_LENGTH + 1); ++ memcpy(&out, ciphertext, TOTAL_LENGTH); ++ strlwr(&out[8]); /* Exclude: $NETNTLM$ */ ++ ++ return out; ++} ++ ++static void *netntlm_get_binary(char *ciphertext) ++{ ++ static uchar binary[BINARY_SIZE]; ++ int i; ++ ++ ciphertext+=26; ++ for (i=0; i I am confused about the way that byteorder.h works in Samba. I have ++> looked at it, and I would have thought that you might make a distinction ++> between LE and BE machines, but you only seem to distinguish between 386 ++> and all other architectures. ++> ++> Can you give me a clue? ++ ++sure. ++ ++The distinction between 386 and other architectures is only there as ++an optimisation. You can take it out completely and it will make no ++difference. The routines (macros) in byteorder.h are totally byteorder ++independent. The 386 optimsation just takes advantage of the fact that ++the x86 processors don't care about alignment, so we don't have to ++align ints on int boundaries etc. If there are other processors out ++there that aren't alignment sensitive then you could also define ++CAREFUL_ALIGNMENT=0 on those processors as well. ++ ++Ok, now to the macros themselves. I'll take a simple example, say we ++want to extract a 2 byte integer from a SMB packet and put it into a ++type called uint16 that is in the local machines byte order, and you ++want to do it with only the assumption that uint16 is _at_least_ 16 ++bits long (this last condition is very important for architectures ++that don't have any int types that are 2 bytes long) ++ ++You do this: ++ ++#define CVAL(buf,pos) (((unsigned char *)(buf))[pos]) ++#define PVAL(buf,pos) ((unsigned)CVAL(buf,pos)) ++#define SVAL(buf,pos) (PVAL(buf,pos)|PVAL(buf,(pos)+1)<<8) ++ ++then to extract a uint16 value at offset 25 in a buffer you do this: ++ ++char *buffer = foo_bar(); ++uint16 xx = SVAL(buffer,25); ++ ++We are using the byteoder independence of the ANSI C bitshifts to do ++the work. A good optimising compiler should turn this into efficient ++code, especially if it happens to have the right byteorder :-) ++ ++I know these macros can be made a bit tidier by removing some of the ++casts, but you need to look at byteorder.h as a whole to see the ++reasoning behind them. byteorder.h defines the following macros: ++ ++SVAL(buf,pos) - extract a 2 byte SMB value ++IVAL(buf,pos) - extract a 4 byte SMB value ++SVALS(buf,pos) signed version of SVAL() ++IVALS(buf,pos) signed version of IVAL() ++ ++SSVAL(buf,pos,val) - put a 2 byte SMB value into a buffer ++SIVAL(buf,pos,val) - put a 4 byte SMB value into a buffer ++SSVALS(buf,pos,val) - signed version of SSVAL() ++SIVALS(buf,pos,val) - signed version of SIVAL() ++ ++RSVAL(buf,pos) - like SVAL() but for NMB byte ordering ++RSVALS(buf,pos) - like SVALS() but for NMB byte ordering ++RIVAL(buf,pos) - like IVAL() but for NMB byte ordering ++RIVALS(buf,pos) - like IVALS() but for NMB byte ordering ++RSSVAL(buf,pos,val) - like SSVAL() but for NMB ordering ++RSIVAL(buf,pos,val) - like SIVAL() but for NMB ordering ++RSIVALS(buf,pos,val) - like SIVALS() but for NMB ordering ++ ++it also defines lots of intermediate macros, just ignore those :-) ++ ++*/ ++ ++/* some switch macros that do both store and read to and from SMB buffers */ ++ ++#define RW_PCVAL(read,inbuf,outbuf,len) \ ++ { if (read) { PCVAL (inbuf,0,outbuf,len); } \ ++ else { PSCVAL(inbuf,0,outbuf,len); } } ++ ++#define RW_PIVAL(read,big_endian,inbuf,outbuf,len) \ ++ { if (read) { if (big_endian) { RPIVAL(inbuf,0,outbuf,len); } else { PIVAL(inbuf,0,outbuf,len); } } \ ++ else { if (big_endian) { RPSIVAL(inbuf,0,outbuf,len); } else { PSIVAL(inbuf,0,outbuf,len); } } } ++ ++#define RW_PSVAL(read,big_endian,inbuf,outbuf,len) \ ++ { if (read) { if (big_endian) { RPSVAL(inbuf,0,outbuf,len); } else { PSVAL(inbuf,0,outbuf,len); } } \ ++ else { if (big_endian) { RPSSVAL(inbuf,0,outbuf,len); } else { PSSVAL(inbuf,0,outbuf,len); } } } ++ ++#define RW_CVAL(read, inbuf, outbuf, offset) \ ++ { if (read) { (outbuf) = CVAL (inbuf,offset); } \ ++ else { SCVAL(inbuf,offset,outbuf); } } ++ ++#define RW_IVAL(read, big_endian, inbuf, outbuf, offset) \ ++ { if (read) { (outbuf) = ((big_endian) ? RIVAL(inbuf,offset) : IVAL (inbuf,offset)); } \ ++ else { if (big_endian) { RSIVAL(inbuf,offset,outbuf); } else { SIVAL(inbuf,offset,outbuf); } } } ++ ++#define RW_SVAL(read, big_endian, inbuf, outbuf, offset) \ ++ { if (read) { (outbuf) = ((big_endian) ? RSVAL(inbuf,offset) : SVAL (inbuf,offset)); } \ ++ else { if (big_endian) { RSSVAL(inbuf,offset,outbuf); } else { SSVAL(inbuf,offset,outbuf); } } } ++ ++#undef CAREFUL_ALIGNMENT ++ ++/* we know that the 386 can handle misalignment and has the "right" ++ byteorder */ ++#ifdef __i386__ ++#define CAREFUL_ALIGNMENT 0 ++#endif ++ ++#ifndef CAREFUL_ALIGNMENT ++#define CAREFUL_ALIGNMENT 1 ++#endif ++ ++#define CVAL(buf,pos) (((unsigned char *)(buf))[pos]) ++#define PVAL(buf,pos) ((unsigned)CVAL(buf,pos)) ++#define SCVAL(buf,pos,val) (CVAL(buf,pos) = (val)) ++ ++ ++#if CAREFUL_ALIGNMENT ++ ++#define SVAL(buf,pos) (PVAL(buf,pos)|PVAL(buf,(pos)+1)<<8) ++#define IVAL(buf,pos) (SVAL(buf,pos)|SVAL(buf,(pos)+2)<<16) ++#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8) ++#define SIVALX(buf,pos,val) (SSVALX(buf,pos,val&0xFFFF),SSVALX(buf,pos+2,val>>16)) ++#define SVALS(buf,pos) ((int16)SVAL(buf,pos)) ++#define IVALS(buf,pos) ((int32)IVAL(buf,pos)) ++#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((uint16)(val))) ++#define SIVAL(buf,pos,val) SIVALX((buf),(pos),((uint32)(val))) ++#define SSVALS(buf,pos,val) SSVALX((buf),(pos),((int16)(val))) ++#define SIVALS(buf,pos,val) SIVALX((buf),(pos),((int32)(val))) ++ ++#else /* CAREFUL_ALIGNMENT */ ++ ++/* this handles things for architectures like the 386 that can handle ++ alignment errors */ ++/* ++ WARNING: This section is dependent on the length of int16 and int32 ++ being correct ++*/ ++ ++/* get single value from an SMB buffer */ ++#define SVAL(buf,pos) (*(const uint16 *)((const char *)(buf) + (pos))) ++#define IVAL(buf,pos) (*(const uint32 *)((const char *)(buf) + (pos))) ++#define SVALS(buf,pos) (*(const int16 *)((const char *)(buf) + (pos))) ++#define IVALS(buf,pos) (*(const int32 *)((const char *)(buf) + (pos))) ++ ++/* store single value in an SMB buffer */ ++#define SVALMOD(buf,pos) (*(uint16 *)((char *)(buf) + (pos))) ++#define IVALMOD(buf,pos) (*(uint32 *)((char *)(buf) + (pos))) ++#define SVALSMOD(buf,pos) (*(int16 *)((char *)(buf) + (pos))) ++#define IVALSMOD(buf,pos) (*(int32 *)((char *)(buf) + (pos))) ++ ++#define SSVAL(buf,pos,val) SVALMOD(buf,pos)=((uint16)(val)) ++#define SIVAL(buf,pos,val) IVALMOD(buf,pos)=((uint32)(val)) ++#define SSVALS(buf,pos,val) SVALSMOD(buf,pos)=((int16)(val)) ++#define SIVALS(buf,pos,val) IVALSMOD(buf,pos)=((int32)(val)) ++ ++#endif /* CAREFUL_ALIGNMENT */ ++ ++/* macros for reading / writing arrays */ ++ ++#define SMBMACRO(macro,buf,pos,val,len,size) \ ++{ uint32 l; for (l = 0; l < (uint32)(len); l++) (val)[l] = macro((buf), (pos) + (size)*l); } ++ ++#define SSMBMACRO(macro,buf,pos,val,len,size) \ ++{ uint32 l; for (l = 0; l < (uint32)(len); l++) macro((buf), (pos) + (size)*l, (val)[l]); } ++ ++/* reads multiple data from an SMB buffer */ ++#define PCVAL(buf,pos,val,len) SMBMACRO(CVAL,buf,pos,val,len,1) ++#define PSVAL(buf,pos,val,len) SMBMACRO(SVAL,buf,pos,val,len,2) ++#define PIVAL(buf,pos,val,len) SMBMACRO(IVAL,buf,pos,val,len,4) ++#define PCVALS(buf,pos,val,len) SMBMACRO(CVALS,buf,pos,val,len,1) ++#define PSVALS(buf,pos,val,len) SMBMACRO(SVALS,buf,pos,val,len,2) ++#define PIVALS(buf,pos,val,len) SMBMACRO(IVALS,buf,pos,val,len,4) ++ ++/* stores multiple data in an SMB buffer */ ++#define PSCVAL(buf,pos,val,len) SSMBMACRO(SCVAL,buf,pos,val,len,1) ++#define PSSVAL(buf,pos,val,len) SSMBMACRO(SSVAL,buf,pos,val,len,2) ++#define PSIVAL(buf,pos,val,len) SSMBMACRO(SIVAL,buf,pos,val,len,4) ++#define PSCVALS(buf,pos,val,len) SSMBMACRO(SCVALS,buf,pos,val,len,1) ++#define PSSVALS(buf,pos,val,len) SSMBMACRO(SSVALS,buf,pos,val,len,2) ++#define PSIVALS(buf,pos,val,len) SSMBMACRO(SIVALS,buf,pos,val,len,4) ++ ++ ++/* now the reverse routines - these are used in nmb packets (mostly) */ ++#define SREV(x) ((((x)&0xFF)<<8) | (((x)>>8)&0xFF)) ++#define IREV(x) ((SREV(x)<<16) | (SREV((x)>>16))) ++ ++#define RSVAL(buf,pos) SREV(SVAL(buf,pos)) ++#define RSVALS(buf,pos) SREV(SVALS(buf,pos)) ++#define RIVAL(buf,pos) IREV(IVAL(buf,pos)) ++#define RIVALS(buf,pos) IREV(IVALS(buf,pos)) ++#define RSSVAL(buf,pos,val) SSVAL(buf,pos,SREV(val)) ++#define RSSVALS(buf,pos,val) SSVALS(buf,pos,SREV(val)) ++#define RSIVAL(buf,pos,val) SIVAL(buf,pos,IREV(val)) ++#define RSIVALS(buf,pos,val) SIVALS(buf,pos,IREV(val)) ++ ++/* reads multiple data from an SMB buffer (big-endian) */ ++#define RPSVAL(buf,pos,val,len) SMBMACRO(RSVAL,buf,pos,val,len,2) ++#define RPIVAL(buf,pos,val,len) SMBMACRO(RIVAL,buf,pos,val,len,4) ++#define RPSVALS(buf,pos,val,len) SMBMACRO(RSVALS,buf,pos,val,len,2) ++#define RPIVALS(buf,pos,val,len) SMBMACRO(RIVALS,buf,pos,val,len,4) ++ ++/* stores multiple data in an SMB buffer (big-endian) */ ++#define RPSSVAL(buf,pos,val,len) SSMBMACRO(RSSVAL,buf,pos,val,len,2) ++#define RPSIVAL(buf,pos,val,len) SSMBMACRO(RSIVAL,buf,pos,val,len,4) ++#define RPSSVALS(buf,pos,val,len) SSMBMACRO(RSSVALS,buf,pos,val,len,2) ++#define RPSIVALS(buf,pos,val,len) SSMBMACRO(RSIVALS,buf,pos,val,len,4) ++ ++#define DBG_RW_PCVAL(charmode,string,depth,base,read,inbuf,outbuf,len) \ ++ { RW_PCVAL(read,inbuf,outbuf,len) \ ++ DEBUG(5,("%s%04x %s: ", \ ++ tab_depth(depth), base,string)); \ ++ if (charmode) print_asc(5, (unsigned char*)(outbuf), (len)); else \ ++ { uint32 idx; for (idx = 0; idx < len; idx++) { DEBUG(5,("%02x ", (outbuf)[idx])); } } \ ++ DEBUG(5,("\n")); } ++ ++#define DBG_RW_PSVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \ ++ { RW_PSVAL(read,big_endian,inbuf,outbuf,len) \ ++ DEBUG(5,("%s%04x %s: ", \ ++ tab_depth(depth), base,string)); \ ++ if (charmode) print_asc(5, (unsigned char*)(outbuf), 2*(len)); else \ ++ { uint32 idx; for (idx = 0; idx < len; idx++) { DEBUG(5,("%04x ", (outbuf)[idx])); } } \ ++ DEBUG(5,("\n")); } ++ ++#define DBG_RW_PIVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \ ++ { RW_PIVAL(read,big_endian,inbuf,outbuf,len) \ ++ DEBUG(5,("%s%04x %s: ", \ ++ tab_depth(depth), base,string)); \ ++ if (charmode) print_asc(5, (unsigned char*)(outbuf), 4*(len)); else \ ++ { uint32 idx; for (idx = 0; idx < len; idx++) { DEBUG(5,("%08x ", (outbuf)[idx])); } } \ ++ DEBUG(5,("\n")); } ++ ++#define DBG_RW_CVAL(string,depth,base,read,inbuf,outbuf) \ ++ { RW_CVAL(read,inbuf,outbuf,0) \ ++ DEBUG(5,("%s%04x %s: %02x\n", \ ++ tab_depth(depth), base, string, outbuf)); } ++ ++#define DBG_RW_SVAL(string,depth,base,read,big_endian,inbuf,outbuf) \ ++ { RW_SVAL(read,big_endian,inbuf,outbuf,0) \ ++ DEBUG(5,("%s%04x %s: %04x\n", \ ++ tab_depth(depth), base, string, outbuf)); } ++ ++#define DBG_RW_IVAL(string,depth,base,read,big_endian,inbuf,outbuf) \ ++ { RW_IVAL(read,big_endian,inbuf,outbuf,0) \ ++ DEBUG(5,("%s%04x %s: %08x\n", \ ++ tab_depth(depth), base, string, outbuf)); } ++ ++/* Alignment macros. */ ++#define ALIGN4(p,base) ((p) + ((4 - (PTR_DIFF((p), (base)) & 3)) & 3)) ++#define ALIGN2(p,base) ((p) + ((2 - (PTR_DIFF((p), (base)) & 1)) & 1)) ++ ++#endif /* _BYTEORDER_H */ +--- john-1.7.2.orig/src/inc.c ++++ john-1.7.2/src/inc.c +@@ -23,6 +23,7 @@ + #include "cracker.h" + + extern struct fmt_main fmt_LM; ++extern struct fmt_main fmt_NETLM; + + typedef char (*char2_table) + [CHARSET_SIZE + 1][CHARSET_SIZE + 1]; +@@ -377,6 +378,8 @@ + if (!mode) { + if (db->format == &fmt_LM) + mode = "LanMan"; ++ else if (db->format == &fmt_NETLM) ++ mode = "LanMan"; + else + mode = "All"; + } +--- john-1.7.2.orig/src/john.c ++++ john-1.7.2/src/john.c +@@ -40,6 +40,8 @@ + extern struct fmt_main fmt_AFS, fmt_LM; + extern struct fmt_main fmt_NT; + extern struct fmt_main fmt_mscash; ++extern struct fmt_main fmt_NETLM; ++extern struct fmt_main fmt_NETNTLM; + + extern int unshadow(int argc, char **argv); + extern int unafs(int argc, char **argv); +@@ -68,7 +70,8 @@ + john_register_one(&fmt_LM); + john_register_one(&fmt_NT); + john_register_one(&fmt_mscash); +- ++ john_register_one(&fmt_NETLM); ++ john_register_one(&fmt_NETNTLM); + + if (!fmt_list) { + fprintf(stderr, "Unknown ciphertext format name requested\n"); +--- john-1.7.2.orig/src/loader.c ++++ john-1.7.2/src/loader.c +@@ -230,6 +230,25 @@ + + if (source) sprintf(source, "%s:%s", uid, line); + } ++ else if (options.format && ((strncmp(options.format, "netlm", 5) == 0) || ++ (strncmp(options.format, "netntlm", 7) == 0))) { ++ char *netlm = ldr_get_field(&line); ++ char *netntlm = ldr_get_field(&line); ++ char *challenge = ldr_get_field(&line); ++ ++ if (strncmp(options.format, "netlm", 5) == 0) { ++ tmp = (char *) mem_alloc(7 + strlen(challenge) + strlen(netlm) + 1); ++ memset(tmp, 0, 7 + strlen(challenge) + strlen(netlm) + 1); ++ sprintf(tmp, "$NETLM$%s$%s", challenge, netlm); ++ *ciphertext = tmp; ++ } ++ else { ++ tmp = (char *) mem_alloc(9 + strlen(challenge) + strlen(netntlm) + 1); ++ memset(tmp, 0, 9 + strlen(challenge) + strlen(netntlm) + 1); ++ sprintf(tmp, "$NETNTLM$%s$%s", challenge, netntlm); ++ *ciphertext = tmp; ++ } ++ } + + if (db_options->flags & DB_WORDS || db_options->shells->head) { + gid = ldr_get_field(&line); +--- /dev/null ++++ john-1.7.2/src/md4.c +@@ -0,0 +1,254 @@ ++/* ++ * This is an OpenSSL-compatible implementation of the RSA Data Security, ++ * Inc. MD4 Message-Digest Algorithm (RFC 1320). ++ * ++ * Written by Solar Designer in 2001, and placed ++ * in the public domain. There's absolutely no warranty. ++ * ++ * This differs from Colin Plumb's older public domain implementation in ++ * that no 32-bit integer data type is required, there's no compile-time ++ * endianness configuration, and the function prototypes match OpenSSL's. ++ * The primary goals are portability and ease of use. ++ * ++ * This implementation is meant to be fast, but not as fast as possible. ++ * Some known optimizations are not included to reduce source code size ++ * and avoid compile-time configuration. ++ */ ++ ++#ifndef HAVE_OPENSSL ++ ++#include ++ ++#include "md4.h" ++ ++/* ++ * The basic MD4 functions. ++ * ++ * F and G are optimized compared to their RFC 1320 definitions, with the ++ * optimization for F borrowed from Colin Plumb's MD5 implementation. ++ */ ++#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) ++#define G(x, y, z) (((x) & ((y) | (z))) | ((y) & (z))) ++#define H(x, y, z) ((x) ^ (y) ^ (z)) ++ ++/* ++ * The MD4 transformation for all three rounds. ++ */ ++#define STEP(f, a, b, c, d, x, s) \ ++ (a) += f((b), (c), (d)) + (x); \ ++ (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); ++ ++/* ++ * SET reads 4 input bytes in little-endian byte order and stores them ++ * in a properly aligned word in host byte order. ++ * ++ * The check for little-endian architectures that tolerate unaligned ++ * memory accesses is just an optimization. Nothing will break if it ++ * doesn't work. ++ */ ++#if defined(__i386__) || defined(__x86_64__) || defined(__vax__) ++#define SET(n) \ ++ (*(MD4_u32plus *)&ptr[(n) * 4]) ++#define GET(n) \ ++ SET(n) ++#else ++#define SET(n) \ ++ (ctx->block[(n)] = \ ++ (MD4_u32plus)ptr[(n) * 4] | \ ++ ((MD4_u32plus)ptr[(n) * 4 + 1] << 8) | \ ++ ((MD4_u32plus)ptr[(n) * 4 + 2] << 16) | \ ++ ((MD4_u32plus)ptr[(n) * 4 + 3] << 24)) ++#define GET(n) \ ++ (ctx->block[(n)]) ++#endif ++ ++/* ++ * This processes one or more 64-byte data blocks, but does NOT update ++ * the bit counters. There are no alignment requirements. ++ */ ++static void *body(MD4_CTX *ctx, void *data, unsigned long size) ++{ ++ unsigned char *ptr; ++ MD4_u32plus a, b, c, d; ++ MD4_u32plus saved_a, saved_b, saved_c, saved_d; ++ ++ ptr = data; ++ ++ a = ctx->a; ++ b = ctx->b; ++ c = ctx->c; ++ d = ctx->d; ++ ++ do { ++ saved_a = a; ++ saved_b = b; ++ saved_c = c; ++ saved_d = d; ++ ++/* Round 1 */ ++ STEP(F, a, b, c, d, SET(0), 3) ++ STEP(F, d, a, b, c, SET(1), 7) ++ STEP(F, c, d, a, b, SET(2), 11) ++ STEP(F, b, c, d, a, SET(3), 19) ++ STEP(F, a, b, c, d, SET(4), 3) ++ STEP(F, d, a, b, c, SET(5), 7) ++ STEP(F, c, d, a, b, SET(6), 11) ++ STEP(F, b, c, d, a, SET(7), 19) ++ STEP(F, a, b, c, d, SET(8), 3) ++ STEP(F, d, a, b, c, SET(9), 7) ++ STEP(F, c, d, a, b, SET(10), 11) ++ STEP(F, b, c, d, a, SET(11), 19) ++ STEP(F, a, b, c, d, SET(12), 3) ++ STEP(F, d, a, b, c, SET(13), 7) ++ STEP(F, c, d, a, b, SET(14), 11) ++ STEP(F, b, c, d, a, SET(15), 19) ++ ++/* Round 2 */ ++ STEP(G, a, b, c, d, GET(0) + 0x5a827999, 3) ++ STEP(G, d, a, b, c, GET(4) + 0x5a827999, 5) ++ STEP(G, c, d, a, b, GET(8) + 0x5a827999, 9) ++ STEP(G, b, c, d, a, GET(12) + 0x5a827999, 13) ++ STEP(G, a, b, c, d, GET(1) + 0x5a827999, 3) ++ STEP(G, d, a, b, c, GET(5) + 0x5a827999, 5) ++ STEP(G, c, d, a, b, GET(9) + 0x5a827999, 9) ++ STEP(G, b, c, d, a, GET(13) + 0x5a827999, 13) ++ STEP(G, a, b, c, d, GET(2) + 0x5a827999, 3) ++ STEP(G, d, a, b, c, GET(6) + 0x5a827999, 5) ++ STEP(G, c, d, a, b, GET(10) + 0x5a827999, 9) ++ STEP(G, b, c, d, a, GET(14) + 0x5a827999, 13) ++ STEP(G, a, b, c, d, GET(3) + 0x5a827999, 3) ++ STEP(G, d, a, b, c, GET(7) + 0x5a827999, 5) ++ STEP(G, c, d, a, b, GET(11) + 0x5a827999, 9) ++ STEP(G, b, c, d, a, GET(15) + 0x5a827999, 13) ++ ++/* Round 3 */ ++ STEP(H, a, b, c, d, GET(0) + 0x6ed9eba1, 3) ++ STEP(H, d, a, b, c, GET(8) + 0x6ed9eba1, 9) ++ STEP(H, c, d, a, b, GET(4) + 0x6ed9eba1, 11) ++ STEP(H, b, c, d, a, GET(12) + 0x6ed9eba1, 15) ++ STEP(H, a, b, c, d, GET(2) + 0x6ed9eba1, 3) ++ STEP(H, d, a, b, c, GET(10) + 0x6ed9eba1, 9) ++ STEP(H, c, d, a, b, GET(6) + 0x6ed9eba1, 11) ++ STEP(H, b, c, d, a, GET(14) + 0x6ed9eba1, 15) ++ STEP(H, a, b, c, d, GET(1) + 0x6ed9eba1, 3) ++ STEP(H, d, a, b, c, GET(9) + 0x6ed9eba1, 9) ++ STEP(H, c, d, a, b, GET(5) + 0x6ed9eba1, 11) ++ STEP(H, b, c, d, a, GET(13) + 0x6ed9eba1, 15) ++ STEP(H, a, b, c, d, GET(3) + 0x6ed9eba1, 3) ++ STEP(H, d, a, b, c, GET(11) + 0x6ed9eba1, 9) ++ STEP(H, c, d, a, b, GET(7) + 0x6ed9eba1, 11) ++ STEP(H, b, c, d, a, GET(15) + 0x6ed9eba1, 15) ++ ++ a += saved_a; ++ b += saved_b; ++ c += saved_c; ++ d += saved_d; ++ ++ ptr += 64; ++ } while (size -= 64); ++ ++ ctx->a = a; ++ ctx->b = b; ++ ctx->c = c; ++ ctx->d = d; ++ ++ return ptr; ++} ++ ++void MD4_Init(MD4_CTX *ctx) ++{ ++ ctx->a = 0x67452301; ++ ctx->b = 0xefcdab89; ++ ctx->c = 0x98badcfe; ++ ctx->d = 0x10325476; ++ ++ ctx->lo = 0; ++ ctx->hi = 0; ++} ++ ++void MD4_Update(MD4_CTX *ctx, void *data, unsigned long size) ++{ ++ MD4_u32plus saved_lo; ++ unsigned long used, free; ++ ++ saved_lo = ctx->lo; ++ if ((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo) ++ ctx->hi++; ++ ctx->hi += size >> 29; ++ ++ used = saved_lo & 0x3f; ++ ++ if (used) { ++ free = 64 - used; ++ ++ if (size < free) { ++ memcpy(&ctx->buffer[used], data, size); ++ return; ++ } ++ ++ memcpy(&ctx->buffer[used], data, free); ++ data = (unsigned char *)data + free; ++ size -= free; ++ body(ctx, ctx->buffer, 64); ++ } ++ ++ if (size >= 64) { ++ data = body(ctx, data, size & ~(unsigned long)0x3f); ++ size &= 0x3f; ++ } ++ ++ memcpy(ctx->buffer, data, size); ++} ++ ++void MD4_Final(unsigned char *result, MD4_CTX *ctx) ++{ ++ unsigned long used, free; ++ ++ used = ctx->lo & 0x3f; ++ ++ ctx->buffer[used++] = 0x80; ++ ++ free = 64 - used; ++ ++ if (free < 8) { ++ memset(&ctx->buffer[used], 0, free); ++ body(ctx, ctx->buffer, 64); ++ used = 0; ++ free = 64; ++ } ++ ++ memset(&ctx->buffer[used], 0, free - 8); ++ ++ ctx->lo <<= 3; ++ ctx->buffer[56] = ctx->lo; ++ ctx->buffer[57] = ctx->lo >> 8; ++ ctx->buffer[58] = ctx->lo >> 16; ++ ctx->buffer[59] = ctx->lo >> 24; ++ ctx->buffer[60] = ctx->hi; ++ ctx->buffer[61] = ctx->hi >> 8; ++ ctx->buffer[62] = ctx->hi >> 16; ++ ctx->buffer[63] = ctx->hi >> 24; ++ ++ body(ctx, ctx->buffer, 64); ++ ++ result[0] = ctx->a; ++ result[1] = ctx->a >> 8; ++ result[2] = ctx->a >> 16; ++ result[3] = ctx->a >> 24; ++ result[4] = ctx->b; ++ result[5] = ctx->b >> 8; ++ result[6] = ctx->b >> 16; ++ result[7] = ctx->b >> 24; ++ result[8] = ctx->c; ++ result[9] = ctx->c >> 8; ++ result[10] = ctx->c >> 16; ++ result[11] = ctx->c >> 24; ++ result[12] = ctx->d; ++ result[13] = ctx->d >> 8; ++ result[14] = ctx->d >> 16; ++ result[15] = ctx->d >> 24; ++ ++ memset(ctx, 0, sizeof(*ctx)); ++} ++ ++#endif +--- /dev/null ++++ john-1.7.2/src/md4.h +@@ -0,0 +1,30 @@ ++/* ++ * This is an OpenSSL-compatible implementation of the RSA Data Security, ++ * Inc. MD4 Message-Digest Algorithm (RFC 1320). ++ * ++ * Written by Solar Designer in 2001, and placed ++ * in the public domain. There's absolutely no warranty. ++ * ++ * See md4.c for more information. ++ */ ++ ++#ifdef HAVE_OPENSSL ++#include ++#elif !defined(_MD4_H) ++#define _MD4_H ++ ++/* Any 32-bit or wider unsigned integer data type will do */ ++typedef unsigned int MD4_u32plus; ++ ++typedef struct { ++ MD4_u32plus lo, hi; ++ MD4_u32plus a, b, c, d; ++ unsigned char buffer[64]; ++ MD4_u32plus block[16]; ++} MD4_CTX; ++ ++extern void MD4_Init(MD4_CTX *ctx); ++extern void MD4_Update(MD4_CTX *ctx, void *data, unsigned long size); ++extern void MD4_Final(unsigned char *result, MD4_CTX *ctx); ++ ++#endif +--- john-1.7.2.orig/src/options.c ++++ john-1.7.2/src/options.c +@@ -101,7 +101,7 @@ + "--salts=[-]COUNT load salts with[out] at least COUNT passwords " \ + "only\n" \ + "--format=NAME force ciphertext format NAME: " \ +- "DES/BSDI/MD5/BF/AFS/LM/NT/mscash\n" \ ++ "DES/BSDI/MD5/BF/AFS/LM/NT/mscash/NETLM/NETNTLM\n" \ + "--save-memory=LEVEL enable memory saving, at LEVEL 1..3\n" + + void opt_init(char *name, int argc, char **argv) +--- /dev/null ++++ john-1.7.2/src/smbencrypt.c +@@ -0,0 +1,108 @@ ++/* ++ Unix SMB/Netbios implementation. ++ Version 1.9. ++ SMB parameters and setup ++ Copyright (C) Andrew Tridgell 1992-1998 ++ Modified by Jeremy Allison 1995. ++ (and hacked further by others) ++ ++ This program is free software; you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; either version 2 of the License, or ++ (at your option) any later version. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program; if not, write to the Free Software ++ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++*/ ++ ++ ++#include ++#include ++ ++ ++#ifndef uchar ++#define uchar unsigned char ++#endif ++ ++#if !defined(uint16) && !defined(HAVE_UINT16_FROM_RPC_RPC_H) ++#if (SIZEOF_SHORT == 4) ++#define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16; ++#else /* SIZEOF_SHORT != 4 */ ++#define uint16 unsigned short ++#endif /* SIZEOF_SHORT != 4 */ ++#endif ++ ++#if !defined(int16) && !defined(HAVE_INT16_FROM_RPC_RPC_H) ++#if (SIZEOF_SHORT == 4) ++#define int16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16; ++#else /* SIZEOF_SHORT != 4 */ ++#define int16 short ++#endif /* SIZEOF_SHORT != 4 */ ++#endif ++ ++#include "byteorder.h" ++ ++#include "md4.h" ++ ++/* Routines for Windows NT MD4 Hash functions. */ ++static int _my_wcslen(int16 *str) ++{ ++ int len = 0; ++ while(*str++ != 0) ++ len++; ++ return len; ++} ++ ++/* ++ * Convert a string into an NT UNICODE string. ++ * Note that regardless of processor type ++ * this must be in intel (little-endian) ++ * format. ++ */ ++ ++int _my_mbstowcs(int16 *dst, uchar *src, int len) ++{ ++ int i; ++ int16 val; ++ ++ for(i = 0; i < len; i++) { ++ val = *src; ++ SSVAL(dst,0,val); ++ dst++; ++ src++; ++ if(val == 0) ++ break; ++ } ++ return i; ++} ++ ++/* ++ * Creates the MD4 Hash of the users password in NT UNICODE. ++ */ ++ ++void E_md4hash(uchar *passwd, uchar *p16) ++{ ++ int len; ++ int16 wpwd[129]; ++ MD4_CTX ctx; ++ ++ /* Password cannot be longer than 128 characters */ ++ len = strlen((char *)passwd); ++ if(len > 128) ++ len = 128; ++ /* Password must be converted to NT unicode */ ++ _my_mbstowcs(wpwd, passwd, len); ++ wpwd[len] = 0; /* Ensure string is null terminated */ ++ /* Calculate length in bytes */ ++ len = _my_wcslen(wpwd) * sizeof(int16); ++ ++ MD4_Init(&ctx); ++ MD4_Update(&ctx, (unsigned char *)wpwd, len); ++ MD4_Final(p16, &ctx); ++} --- john-1.7.2.orig/debian/patches/01-add_NTLM-MD4.patch +++ john-1.7.2/debian/patches/01-add_NTLM-MD4.patch @@ -0,0 +1,1255 @@ +--- john-1.7.2.orig/src/Makefile ++++ john-1.7.2/src/Makefile +@@ -28,6 +28,7 @@ + BF_fmt.o BF_std.o \ + AFS_fmt.o \ + LM_fmt.o \ ++ NT_fmt.o \ + batch.o bench.o charset.o common.o compiler.o config.o cracker.o \ + crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o \ + loader.o logger.o math.o memory.o misc.o options.o params.o path.o \ +--- /dev/null ++++ john-1.7.2/src/NT_fmt.c +@@ -0,0 +1,613 @@ ++/* NTLM patch for john (performance improvement) ++ * ++ * Written by Alain Espinosa in 2007 ++ * and placed in the public domain. ++ */ ++ ++#include ++#include "arch.h" ++#include "misc.h" ++#include "memory.h" ++#include "common.h" ++#include "formats.h" ++ ++//Init values ++#define INIT_A 0x67452301 ++#define INIT_B 0xefcdab89 ++#define INIT_C 0x98badcfe ++#define INIT_D 0x10325476 ++ ++#define SQRT_2 0x5a827999 ++#define SQRT_3 0x6ed9eba1 ++ ++ ++#define FORMAT_LABEL "nt" ++#define FORMAT_NAME "NT MD4" ++ ++#define BENCHMARK_COMMENT "" ++#define BENCHMARK_LENGTH -1 ++ ++#define PLAINTEXT_LENGTH 27 ++#define CIPHERTEXT_LENGTH 36 ++ ++static struct fmt_tests tests[] = { ++ {"$NT$b7e4b9022cd45f275334bbdb83bb5be5", "John the Ripper"}, ++ {"$NT$8846f7eaee8fb117ad06bdd830b7586c", "password"}, ++ {"$NT$0cb6948805f797bf2a82807973b89537", "test"}, ++ {"$NT$31d6cfe0d16ae931b73c59d7e0c089c0", ""}, ++ {NULL} ++}; ++ ++#define BINARY_SIZE 16 ++#define SALT_SIZE 0 ++ ++#if defined (NT_X86_64) ++ #define NT_NUM_KEYS 32 ++ ++ unsigned int nt_buffer8x[16*NT_NUM_KEYS] __attribute__ ((aligned(16))); ++ unsigned int output8x[4*NT_NUM_KEYS] __attribute__ ((aligned(16))); ++ ++ #define ALGORITHM_NAME "X86-64 SSE2 8x" ++ #define NT_CRYPT_FUN nt_crypt_all_x86_64 ++ extern void nt_crypt_all_x86_64(int count); ++#elif defined (NT_SSE2) ++ #define NT_NUM_KEYS 40 ++ #define NT_NUM_KEYS1 8 ++ #define NT_NUM_KEYS4 32 ++ ++ unsigned int nt_buffer4x[64*NT_NUM_KEYS1] __attribute__ ((aligned(16))); ++ unsigned int output4x[16*NT_NUM_KEYS1] __attribute__ ((aligned(16))); ++ ++ unsigned int nt_buffer1x[16*NT_NUM_KEYS1]; ++ unsigned int output1x[4*NT_NUM_KEYS1]; ++ ++ #define ALGORITHM_NAME "X86 SSE2 5x" ++ #define NT_CRYPT_FUN nt_crypt_all_sse2 ++ extern void nt_crypt_all_sse2(int count); ++#else ++ #define NT_NUM_KEYS 64 ++ unsigned int nt_buffer1x[16*NT_NUM_KEYS]; ++ unsigned int output1x[4*NT_NUM_KEYS]; ++ ++ #define ALGORITHM_NAME "Generic 1x" ++ #define NT_CRYPT_FUN nt_crypt_all_generic ++ static void nt_crypt_all_generic(int count) ++ { ++ unsigned int a; ++ unsigned int b; ++ unsigned int c; ++ unsigned int d; ++ unsigned int i=0; ++ ++ for(;i>29); ++ d = INIT_D+(INIT_C ^ (a & 0x77777777)) +nt_buffer1x[i*16+1];d=(d<<7 )|(d>>25); ++ c = INIT_C+(INIT_B ^ (d & (a ^ INIT_B))) +nt_buffer1x[i*16+2];c=(c<<11)|(c>>21); ++ b = INIT_B + (a ^ (c & (d ^ a))) +nt_buffer1x[i*16+3];b=(b<<19)|(b>>13); ++ ++ a += (d ^ (b & (c ^ d))) + nt_buffer1x[i*16+4] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + nt_buffer1x[i*16+5] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + nt_buffer1x[i*16+6] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a))) + nt_buffer1x[i*16+7] ;b = (b << 19) | (b >> 13); ++ ++ a += (d ^ (b & (c ^ d))) + nt_buffer1x[i*16+8] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + nt_buffer1x[i*16+9] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + nt_buffer1x[i*16+10] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a))) + nt_buffer1x[i*16+11] ;b = (b << 19) | (b >> 13); ++ ++ a += (d ^ (b & (c ^ d))) + nt_buffer1x[i*16+12] ;a = (a << 3 ) | (a >> 29); ++ d += (c ^ (a & (b ^ c))) + nt_buffer1x[i*16+13] ;d = (d << 7 ) | (d >> 25); ++ c += (b ^ (d & (a ^ b))) + nt_buffer1x[i*16+14] ;c = (c << 11) | (c >> 21); ++ b += (a ^ (c & (d ^ a)));b = (b << 19) | (b >> 13); ++ ++ /* Round 2 */ ++ a += ((b & (c | d)) | (c & d))+nt_buffer1x[i*16+0] +SQRT_2;a = (a<<3 ) | (a>>29); ++ d += ((a & (b | c)) | (b & c))+nt_buffer1x[i*16+4] +SQRT_2;d = (d<<5 ) | (d>>27); ++ c += ((d & (a | b)) | (a & b))+nt_buffer1x[i*16+8] +SQRT_2;c = (c<<9 ) | (c>>23); ++ b += ((c & (d | a)) | (d & a))+nt_buffer1x[i*16+12]+SQRT_2;b = (b<<13) | (b>>19); ++ ++ a += ((b & (c | d)) | (c & d))+nt_buffer1x[i*16+1] +SQRT_2;a = (a<<3 ) | (a>>29); ++ d += ((a & (b | c)) | (b & c))+nt_buffer1x[i*16+5] +SQRT_2;d = (d<<5 ) | (d>>27); ++ c += ((d & (a | b)) | (a & b))+nt_buffer1x[i*16+9] +SQRT_2;c = (c<<9 ) | (c>>23); ++ b += ((c & (d | a)) | (d & a))+nt_buffer1x[i*16+13]+SQRT_2;b = (b<<13) | (b>>19); ++ ++ a += ((b & (c | d)) | (c & d))+nt_buffer1x[i*16+2] +SQRT_2;a = (a<<3 ) | (a>>29); ++ d += ((a & (b | c)) | (b & c))+nt_buffer1x[i*16+6] +SQRT_2;d = (d<<5 ) | (d>>27); ++ c += ((d & (a | b)) | (a & b))+nt_buffer1x[i*16+10]+SQRT_2;c = (c<<9 ) | (c>>23); ++ b += ((c & (d | a)) | (d & a))+nt_buffer1x[i*16+14]+SQRT_2;b = (b<<13) | (b>>19); ++ ++ a += ((b & (c | d)) | (c & d))+nt_buffer1x[i*16+3] +SQRT_2;a = (a<<3 ) | (a>>29); ++ d += ((a & (b | c)) | (b & c))+nt_buffer1x[i*16+7] +SQRT_2;d = (d<<5 ) | (d>>27); ++ c += ((d & (a | b)) | (a & b))+nt_buffer1x[i*16+11]+SQRT_2;c = (c<<9 ) | (c>>23); ++ b += ((c & (d | a)) | (d & a)) +SQRT_2;b = (b<<13) | (b>>19); ++ ++ /* Round 3 */ ++ a += (d ^ c ^ b) + nt_buffer1x[i*16+0] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (c ^ b ^ a) + nt_buffer1x[i*16+8] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (b ^ a ^ d) + nt_buffer1x[i*16+4] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (a ^ d ^ c) + nt_buffer1x[i*16+12] + SQRT_3; b = (b << 15) | (b >> 17); ++ ++ a += (d ^ c ^ b) + nt_buffer1x[i*16+2] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (c ^ b ^ a) + nt_buffer1x[i*16+10] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (b ^ a ^ d) + nt_buffer1x[i*16+6] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (a ^ d ^ c) + nt_buffer1x[i*16+14] + SQRT_3; b = (b << 15) | (b >> 17); ++ ++ a += (d ^ c ^ b) + nt_buffer1x[i*16+1] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ d += (c ^ b ^ a) + nt_buffer1x[i*16+9] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ c += (b ^ a ^ d) + nt_buffer1x[i*16+5] + SQRT_3; c = (c << 11) | (c >> 21); ++ b += (a ^ d ^ c) + nt_buffer1x[i*16+13]; ++ ++ output1x[4*i+0]=a; ++ output1x[4*i+1]=b; ++ output1x[4*i+2]=c; ++ output1x[4*i+3]=d; ++ } ++ } ++#endif ++ ++unsigned int last_i[NT_NUM_KEYS]; ++char saved_plain[32*NT_NUM_KEYS]; ++ ++#define MIN_KEYS_PER_CRYPT NT_NUM_KEYS ++#define MAX_KEYS_PER_CRYPT NT_NUM_KEYS ++ ++static void fmt_NT_init(void) ++{ ++ memset(last_i,0,4*NT_NUM_KEYS); ++#if defined(NT_X86_64) ++ memset(nt_buffer8x,0,16*4*NT_NUM_KEYS); ++#elif defined(NT_SSE2) ++ memset(nt_buffer4x,0,64*4*NT_NUM_KEYS1); ++ memset(nt_buffer1x,0,16*4*NT_NUM_KEYS1); ++#else ++ memset(nt_buffer1x,0,16*4*NT_NUM_KEYS); ++#endif ++} ++ ++static char * nt_split(char *ciphertext, int index) ++{ ++ static char out[37]; ++ ++ if (!strncmp(ciphertext, "$NT$", 4)) ++ ciphertext += 4; ++ ++ out[0] = '$'; ++ out[1] = 'N'; ++ out[2] = 'T'; ++ out[3] = '$'; ++ ++ memcpy(&out[4], ciphertext, 32); ++ out[36] = 0; ++ ++ strlwr(&out[4]); ++ ++ return out; ++} ++ ++static int valid(char *ciphertext) ++{ ++ char *pos; ++ ++ if (strncmp(ciphertext, "$NT$", 4)!=0) return 0; ++ ++ for (pos = &ciphertext[4]; atoi16[ARCH_INDEX(*pos)] != 0x7F; pos++); ++ ++ if (!*pos && pos - ciphertext == CIPHERTEXT_LENGTH) ++ return 1; ++ else ++ return 0; ++ ++} ++ ++static void *get_binary(char *ciphertext) ++{ ++ static unsigned int out[4]; ++ unsigned int i=0; ++ unsigned int temp; ++ ++ ciphertext+=4; ++ for (; i<4; i++) ++ { ++ temp = (atoi16[ARCH_INDEX(ciphertext[i*8+0])])<<4; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+1])]); ++ ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+2])])<<12; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+3])])<<8; ++ ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+4])])<<20; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+5])])<<16; ++ ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+6])])<<28; ++ temp |= (atoi16[ARCH_INDEX(ciphertext[i*8+7])])<<24; ++ ++ out[i]=temp; ++ } ++ ++ out[0] -= INIT_A; ++ out[1] -= INIT_B; ++ out[2] -= INIT_C; ++ out[3] -= INIT_D; ++ ++ out[1] = (out[1] >> 15) | (out[1] << 17); ++ out[1] -= SQRT_3 + (out[2] ^ out[3] ^ out[0]); ++ out[1] = (out[1] >> 15) | (out[1] << 17); ++ out[1] -= SQRT_3; ++ ++ return out; ++} ++ ++static int binary_hash_0(void *binary) ++{ ++ return ((unsigned int *)binary)[1] & 0x0F; ++} ++ ++static int binary_hash_1(void *binary) ++{ ++ return ((unsigned int *)binary)[1] & 0xFF; ++} ++ ++static int binary_hash_2(void *binary) ++{ ++ return ((unsigned int *)binary)[1] & 0x0FFF; ++} ++ ++static int get_hash_0(int index) ++{ ++#if defined(NT_X86_64) ++ return output8x[32*(index>>3)+8+index%8] & 0x0F; ++#elif defined(NT_SSE2) ++ if(index>2)+4+index%4] & 0x0F; ++ else ++ return output1x[(index-NT_NUM_KEYS4)*4+1] & 0x0F; ++#else ++ return output1x[(index<<2)+1] & 0x0F; ++#endif ++} ++ ++static int get_hash_1(int index) ++{ ++#if defined(NT_X86_64) ++ return output8x[32*(index>>3)+8+index%8] & 0xFF; ++#elif defined(NT_SSE2) ++ if(index>2)+4+index%4] & 0xFF; ++ else ++ return output1x[(index-NT_NUM_KEYS4)*4+1] & 0xFF; ++#else ++ return output1x[(index<<2)+1] & 0xFF; ++#endif ++} ++ ++static int get_hash_2(int index) ++{ ++#if defined(NT_X86_64) ++ return output8x[32*(index>>3)+8+index%8] & 0x0FFF; ++#elif defined(NT_SSE2) ++ if(index>2)+4+index%4] & 0x0FFF; ++ else ++ return output1x[(index-NT_NUM_KEYS4)*4+1] & 0x0FFF; ++#else ++ return output1x[(index<<2)+1] & 0x0FFF; ++#endif ++} ++ ++static int cmp_all(void *binary, int count) ++{ ++ unsigned int i=0; ++ unsigned int b=((unsigned int *)binary)[1]; ++ ++#if defined(NT_X86_64) ++ for(;i<(NT_NUM_KEYS/2);i+=4) ++ if(b==output8x[i] || b==output8x[i+1] || b==output8x[i+2] || b==output8x[i+3] || b==output8x[i+4] || b==output8x[i+5] || b==output8x[i+6] || b==output8x[i+7]) ++ return 1; ++#elif defined(NT_SSE2) ++ unsigned int pos=4; ++ ++ for(;i>3)+index%8; ++ ++ a=output8x[temp]; ++ b=output8x[temp+8]; ++ c=output8x[temp+16]; ++ d=output8x[temp+24]; ++ ++ pos1=24+index%8+128*(index>>3); ++ pos2=64+pos1; ++ pos3=32+pos1; ++#elif defined(NT_SSE2) ++ int temp; ++ ++ if(index>2)+index%4; ++ ++ a=output4x[temp]; ++ b=output4x[temp+4]; ++ c=output4x[temp+8]; ++ d=output4x[temp+12]; ++ ++ pos1=12+index%4+64*(index>>2); ++ pos2=32+pos1; ++ pos3=16+pos1; ++ } ++ else ++ { ++ buffer=nt_buffer1x; ++ ++ temp=4*(index-NT_NUM_KEYS4); ++ ++ a=output1x[temp]; ++ b=output1x[temp+1]; ++ c=output1x[temp+2]; ++ d=output1x[temp+3]; ++ ++ pos1=3+4*temp; ++ pos2=8+pos1; ++ pos3=4+pos1; ++ } ++#else ++ buffer=nt_buffer1x; ++ ++ a=output1x[(index<<2)]; ++ b=output1x[(index<<2)+1]; ++ c=output1x[(index<<2)+2]; ++ d=output1x[(index<<2)+3]; ++ ++ pos1=(index<<4)+3; ++ pos2=8+pos1; ++ pos3=4+pos1; ++#endif ++ if(b!=t[1]) ++ return 0; ++ b += SQRT_3;b = (b << 15) | (b >> 17); ++ ++ a += (b ^ c ^ d) + buffer[pos1] + SQRT_3; a = (a << 3 ) | (a >> 29); ++ if(a!=t[0]) ++ return 0; ++ ++ d += (a ^ b ^ c) + buffer[pos2] + SQRT_3; d = (d << 9 ) | (d >> 23); ++ if(d!=t[3]) ++ return 0; ++ ++ c += (d ^ a ^ b) + buffer[pos3] + SQRT_3; c = (c << 11) | (c >> 21); ++ return c==t[2]; ++} ++ ++static int cmp_exact(char *source, int index) ++{ ++ return 1; ++} ++ ++static void set_salt(void *salt) ++{ ++} ++ ++static void set_key(char *key, int index) ++{ ++ unsigned int i=0; ++ unsigned int md4_size=0; ++ unsigned int saved_base=index<<5; ++ unsigned int temp; ++ int buff_base; ++#if defined(NT_X86_64) ++ unsigned int last_lenght=last_i[index]<<2; ++ ++ buff_base=128*(index>>3)+index%8; ++ ++ for(;key[md4_size] && md4_size>2)+index%4; ++ ++ for(;key[md4_size] && md4_size>=1; ++ ++ for(;i<=last_lenght;i++) ++ nt_buffer1x[i+buff_base]=0; ++ ++ last_i[index]=md4_size>>1; ++ ++ nt_buffer1x[14+buff_base] = md4_size << 4; ++ } ++#else ++ buff_base=index<<4; ++ ++ for(;key[md4_size] && md4_size>1; ++ ++ nt_buffer1x[buff_base+14] = md4_size << 4; ++#endif ++} ++ ++static char *get_key(int index) ++{ ++ return saved_plain+(index<<5); ++} ++ ++struct fmt_main fmt_NT = { ++ { ++ FORMAT_LABEL, ++ FORMAT_NAME, ++ ALGORITHM_NAME, ++ BENCHMARK_COMMENT, ++ BENCHMARK_LENGTH, ++ PLAINTEXT_LENGTH, ++ BINARY_SIZE, ++ SALT_SIZE, ++ MIN_KEYS_PER_CRYPT, ++ MAX_KEYS_PER_CRYPT, ++ FMT_CASE | FMT_8_BIT | FMT_SPLIT_UNIFIES_CASE, ++ tests ++ }, { ++ fmt_NT_init, ++ valid, ++ nt_split, ++ get_binary, ++ fmt_default_salt, ++ { ++ binary_hash_0, ++ binary_hash_1, ++ binary_hash_2 ++ }, ++ fmt_default_salt_hash, ++ set_salt, ++ set_key, ++ get_key, ++ fmt_default_clear_keys, ++ NT_CRYPT_FUN, ++ { ++ get_hash_0, ++ get_hash_1, ++ get_hash_2 ++ }, ++ cmp_all, ++ cmp_one, ++ cmp_exact ++ } ++}; +--- john-1.7.2.orig/src/john.c ++++ john-1.7.2/src/john.c +@@ -38,6 +38,7 @@ + + extern struct fmt_main fmt_DES, fmt_BSDI, fmt_MD5, fmt_BF; + extern struct fmt_main fmt_AFS, fmt_LM; ++extern struct fmt_main fmt_NT; + + extern int unshadow(int argc, char **argv); + extern int unafs(int argc, char **argv); +@@ -64,6 +65,8 @@ + john_register_one(&fmt_BF); + john_register_one(&fmt_AFS); + john_register_one(&fmt_LM); ++ john_register_one(&fmt_NT); ++ + + if (!fmt_list) { + fprintf(stderr, "Unknown ciphertext format name requested\n"); +--- john-1.7.2.orig/src/loader.c ++++ john-1.7.2/src/loader.c +@@ -18,6 +18,7 @@ + #include "signals.h" + #include "formats.h" + #include "loader.h" ++#include "options.h" + + /* + * Flags for read_file(). +@@ -183,7 +184,7 @@ + static int ldr_split_line(char **login, char **ciphertext, + char **gecos, char **home, + char *source, struct fmt_main **format, +- struct db_options *options, char *line) ++ struct db_options *db_options, char *line) + { + char *uid = NULL, *gid = NULL, *shell = NULL; + char *tmp; +@@ -206,10 +207,31 @@ + if (!strncmp(*ciphertext, "NO PASSWORD", 11)) + *ciphertext = ""; + ++ /* NT loader hack starts here ! */ ++ ++ if (options.format && (strncmp(options.format, "nt", 2)==0)) { ++ ++ tmp = ldr_get_field(&line); ++ *ciphertext = tmp; ++ ++ if (!strncmp(*ciphertext, "NO PASSWORD", 11)) ++ *ciphertext = ""; ++ else if(strlen(*ciphertext) == 32) { ++ *ciphertext -= 4; ++ strncpy(*ciphertext,"$NT$",4); ++ } ++ else { ++ return 0; ++ } ++ ++ } ++ ++ /* NT loader hack ends here ! */ ++ + if (source) sprintf(source, "%s:%s", uid, line); + } + +- if (options->flags & DB_WORDS || options->shells->head) { ++ if (db_options->flags & DB_WORDS || db_options->shells->head) { + gid = ldr_get_field(&line); + do { + *gecos = ldr_get_field(&line); +@@ -218,13 +240,13 @@ + } while (!**gecos && + !strcmp(*home, "0") && !strcmp(shell, "0")); + } else +- if (options->groups->head) { ++ if (db_options->groups->head) { + gid = ldr_get_field(&line); + } + +- if (ldr_check_list(options->users, *login, uid)) return 0; +- if (ldr_check_list(options->groups, gid, gid)) return 0; +- if (ldr_check_shells(options->shells, shell)) return 0; ++ if (ldr_check_list(db_options->users, *login, uid)) return 0; ++ if (ldr_check_list(db_options->groups, gid, gid)) return 0; ++ if (ldr_check_shells(db_options->shells, shell)) return 0; + + if (*format) return (*format)->methods.valid(*ciphertext); + +--- john-1.7.2.orig/src/options.c ++++ john-1.7.2/src/options.c +@@ -60,7 +60,7 @@ + {"salts", FLG_SALTS, FLG_SALTS, FLG_PASSWD, OPT_REQ_PARAM, + "%d", &options.loader.min_pps}, + {"format", FLG_FORMAT, FLG_FORMAT, +- FLG_CRACKING_SUP, ++ 0, + FLG_MAKECHR_CHK | FLG_STDOUT | OPT_REQ_PARAM, + OPT_FMT_STR_ALLOC, &options.format}, + {"save-memory", FLG_SAVEMEM, FLG_SAVEMEM, 0, OPT_REQ_PARAM, +@@ -101,7 +101,7 @@ + "--salts=[-]COUNT load salts with[out] at least COUNT passwords " \ + "only\n" \ + "--format=NAME force ciphertext format NAME: " \ +- "DES/BSDI/MD5/BF/AFS/LM\n" \ ++ "DES/BSDI/MD5/BF/AFS/LM/NT\n" \ + "--save-memory=LEVEL enable memory saving, at LEVEL 1..3\n" + + void opt_init(char *name, int argc, char **argv) +--- john-1.7.2.orig/src/x86-64.S ++++ john-1.7.2/src/x86-64.S +@@ -13,6 +13,9 @@ + #define DES_bs_crypt _DES_bs_crypt + #define DES_bs_crypt_25 _DES_bs_crypt_25 + #define DES_bs_crypt_LM _DES_bs_crypt_LM ++#define nt_buffer8x _nt_buffer8x ++#define output8x _output8x ++#define nt_crypt_all_x86_64 _nt_crypt_all_x86_64 + #endif + + #ifdef ALIGN_LOG +@@ -1040,3 +1043,236 @@ + subl $1,rounds + jnz DES_bs_crypt_LM_loop + ret ++ ++ ++/* ++extern nt_crypt_all_x86_64(int count); ++*/ ++ ++.globl nt_crypt_all_x86_64 ++ ++.data ++DO_ALIGN(6) ++const_init_a: ++.long 0xFFFFFFFF ++.long 0xFFFFFFFF ++.long 0xFFFFFFFF ++.long 0xFFFFFFFF ++const_init_b: ++.long 0xefcdab89 ++.long 0xefcdab89 ++.long 0xefcdab89 ++.long 0xefcdab89 ++const_init_c: ++.long 0x98badcfe ++.long 0x98badcfe ++.long 0x98badcfe ++.long 0x98badcfe ++const_init_d: ++.long 0x10325476 ++.long 0x10325476 ++.long 0x10325476 ++.long 0x10325476 ++ ++const_stage2: ++.long 0x5a827999 ++.long 0x5a827999 ++.long 0x5a827999 ++.long 0x5a827999 ++const_stage3: ++.long 0x6ed9eba1 ++.long 0x6ed9eba1 ++.long 0x6ed9eba1 ++.long 0x6ed9eba1 ++ ++#define a %xmm0 ++#define b %xmm1 ++#define c %xmm2 ++#define d %xmm3 ++#define t1 %xmm4 ++#define t2 %xmm5 ++#define t3 %xmm6 ++#define t4 %xmm7 ++ ++#undef a3 ++#define a3 %xmm8 ++#define b3 %xmm9 ++#define c3 %xmm10 ++#define d3 %xmm11 ++#define t13 %xmm12 ++#define t23 %xmm13 ++ ++/* ++#define F(x, y, z) (z ^ (x & (y ^ z))) ++#define G(x, y, z) ((x & (y | z)) | (y & z)) ++#define H(x, y, z) (x ^ y ^ z) ++ ++#define STEP(f, a, b, c, d, x, s) ++ a += f(b, c, d) + x; ++ a = (a << s) | (a >> (32 - s)); ++*/ ++#define STEP1(aa, bb, cc, dd, aa3, bb3, cc3, dd3, x, s, base) \ ++ paddd (512*base)+(x*32)+nt_buffer8x, aa; \ ++ paddd (512*base)+(x*32)+16+nt_buffer8x, aa3; \ ++ movdqa cc, t1; \ ++ movdqa cc3, t13; \ ++ pxor dd, t1; \ ++ pxor dd3, t13; \ ++ pand bb, t1; \ ++ pand bb3, t13; \ ++ pxor dd, t1; \ ++ pxor dd3, t13; \ ++ paddd t1, aa; \ ++ paddd t13, aa3; \ ++ movdqa aa, t2; \ ++ movdqa aa3, t23; \ ++ pslld $s, aa; \ ++ pslld $s, aa3; \ ++ psrld $(32-s), t2; \ ++ psrld $(32-s), t23; \ ++ por t2, aa; \ ++ por t23, aa3; ++ ++#define STEP2(aa, bb, cc, dd, aa3, bb3, cc3, dd3, x, s, base) \ ++ paddd (512*base)+(x*32)+nt_buffer8x, aa; \ ++ paddd (512*base)+(x*32)+16+nt_buffer8x, aa3; \ ++ movdqa cc, t1; \ ++ movdqa cc3, t13; \ ++ movdqa cc, t2; \ ++ movdqa cc3, t23; \ ++ por dd, t1; \ ++ por dd3, t13; \ ++ pand dd, t2; \ ++ pand dd3, t23; \ ++ pand bb, t1; \ ++ pand bb3, t13; \ ++ paddd t3, aa; \ ++ paddd t3, aa3; \ ++ por t2, t1; \ ++ por t23, t13; \ ++ paddd t1, aa; \ ++ paddd t13, aa3; \ ++ movdqa aa, t1; \ ++ movdqa aa3, t13; \ ++ pslld $s, aa; \ ++ pslld $s, aa3; \ ++ psrld $(32-s), t1; \ ++ psrld $(32-s), t13; \ ++ por t1, aa; \ ++ por t13, aa3; ++ ++#define STEP3(aa, bb, cc, dd, aa3, bb3, cc3, dd3, x, s, base) \ ++ paddd (512*base)+(x*32)+nt_buffer8x, aa; \ ++ paddd (512*base)+(x*32)+16+nt_buffer8x, aa3; \ ++ movdqa dd, t1; \ ++ movdqa dd3, t13; \ ++ pxor cc, t1; \ ++ pxor cc3, t13; \ ++ paddd t4, aa; \ ++ paddd t4, aa3; \ ++ pxor bb, t1; \ ++ pxor bb3, t13; \ ++ paddd t1, aa; \ ++ paddd t13, aa3; \ ++ movdqa aa, t1; \ ++ movdqa aa3, t13; \ ++ pslld $s, aa; \ ++ pslld $s, aa3; \ ++ psrld $(32-s), t1; \ ++ psrld $(32-s), t13; \ ++ por t1, aa; \ ++ por t13, aa3; ++ ++#define NT_CRYPT_BODY(base) \ ++ movdqa const_init_a, a; \ ++ movdqa const_init_a, a3; \ ++ movdqa const_init_b, b; \ ++ movdqa const_init_b, b3; \ ++ movdqa const_init_c, c; \ ++ movdqa const_init_c, c3; \ ++ movdqa const_init_d, d; \ ++ movdqa const_init_d, d3; \ ++ \ ++ paddd (512*base)+nt_buffer8x, a; \ ++ paddd (512*base)+16+nt_buffer8x, a3; \ ++ pslld $3, a; \ ++ pslld $3, a3; \ ++ \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 1 , 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 2 , 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 3 , 19, base) \ ++ STEP1(a, b, c, d, a3, b3, c3, d3, 4 , 3 , base) \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 5 , 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 6 , 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 7 , 19, base) \ ++ STEP1(a, b, c, d, a3, b3, c3, d3, 8 , 3 , base) \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 9 , 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 10, 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 11, 19, base) \ ++ STEP1(a, b, c, d, a3, b3, c3, d3, 12, 3 , base) \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 13, 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 14, 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 15, 19, base) \ ++ \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 0 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 4 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 8 , 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 12, 13, base) \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 1 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 5 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 9 , 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 13, 13, base) \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 2 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 6 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 10, 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 14, 13, base) \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 3 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 7 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 11, 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 15, 13, base) \ ++ \ ++ STEP3(a, b, c, d, a3, b3, c3, d3, 0 , 3 , base) \ ++ STEP3(d, a, b, c, d3, a3, b3, c3, 8 , 9 , base) \ ++ STEP3(c, d, a, b, c3, d3, a3, b3, 4 , 11, base) \ ++ STEP3(b, c, d, a, b3, c3, d3, a3, 12, 15, base) \ ++ STEP3(a, b, c, d, a3, b3, c3, d3, 2 , 3 , base) \ ++ STEP3(d, a, b, c, d3, a3, b3, c3, 10, 9 , base) \ ++ STEP3(c, d, a, b, c3, d3, a3, b3, 6 , 11, base) \ ++ STEP3(b, c, d, a, b3, c3, d3, a3, 14, 15, base) \ ++ STEP3(a, b, c, d, a3, b3, c3, d3, 1 , 3 , base) \ ++ STEP3(d, a, b, c, d3, a3, b3, c3, 9 , 9 , base) \ ++ STEP3(c, d, a, b, c3, d3, a3, b3, 5 , 11, base) \ ++ movdqa a, t1; \ ++ movdqa a3, t13; \ ++ paddd (512*base)+416+nt_buffer8x, b; \ ++ paddd (512*base)+416+16+nt_buffer8x, b3; \ ++ pxor d, t1; \ ++ pxor d3,t13; \ ++ pxor c, t1; \ ++ pxor c3,t13; \ ++ paddd t1, b; \ ++ paddd t13,b3; \ ++ \ ++ movdqa a, (128*base)+output8x; \ ++ movdqa a3, (128*base)+16+output8x; \ ++ movdqa b, (128*base)+32+output8x; \ ++ movdqa b3, (128*base)+32+16+output8x; \ ++ movdqa c, (128*base)+64+output8x; \ ++ movdqa c3, (128*base)+64+16+output8x; \ ++ movdqa d, (128*base)+96+output8x; \ ++ movdqa d3, (128*base)+96+16+output8x; ++ ++.text ++ ++DO_ALIGN(6) ++ ++nt_crypt_all_x86_64: ++ movdqa const_stage2, t3 ++ movdqa const_stage3, t4 ++ ++ NT_CRYPT_BODY(0) ++ NT_CRYPT_BODY(1) ++ NT_CRYPT_BODY(2) ++ NT_CRYPT_BODY(3) ++ ++ ret +--- john-1.7.2.orig/src/x86-64.h ++++ john-1.7.2/src/x86-64.h +@@ -45,4 +45,6 @@ + #define BF_ASM 0 + #define BF_SCALE 1 + ++#define NT_X86_64 ++ + #endif +--- john-1.7.2.orig/src/x86-sse.S ++++ john-1.7.2/src/x86-sse.S +@@ -15,6 +15,11 @@ + #define DES_bs_crypt _DES_bs_crypt + #define DES_bs_crypt_25 _DES_bs_crypt_25 + #define DES_bs_crypt_LM _DES_bs_crypt_LM ++#define nt_crypt_all_sse2 _nt_crypt_all_sse2 ++#define nt_buffer4x _nt_buffer4x ++#define nt_buffer1x _nt_buffer1x ++#define output4x _output4x ++#define output1x _output1x + #endif + + /* +@@ -1289,3 +1294,238 @@ + jnz DES_bs_crypt_LM_loop + popl %esi + ret ++ ++ ++ ++/* ++extern nt_crypt_all_sse2(int count); ++*/ ++ ++.globl nt_crypt_all_sse2 ++ ++.data ++DO_ALIGN(6) ++const_init_a: ++.long 0xFFFFFFFF ++.long 0xFFFFFFFF ++.long 0xFFFFFFFF ++.long 0xFFFFFFFF ++const_init_b: ++.long 0xefcdab89 ++.long 0xefcdab89 ++.long 0xefcdab89 ++.long 0xefcdab89 ++const_init_c: ++.long 0x98badcfe ++.long 0x98badcfe ++.long 0x98badcfe ++.long 0x98badcfe ++const_init_d: ++.long 0x10325476 ++.long 0x10325476 ++.long 0x10325476 ++.long 0x10325476 ++ ++const_stage2: ++.long 0x5a827999 ++.long 0x5a827999 ++.long 0x5a827999 ++.long 0x5a827999 ++const_stage3: ++.long 0x6ed9eba1 ++.long 0x6ed9eba1 ++.long 0x6ed9eba1 ++.long 0x6ed9eba1 ++ ++#define a %xmm0 ++#define b %xmm1 ++#define c %xmm2 ++#define d %xmm3 ++#define t1 %xmm4 ++#define t2 %xmm5 ++#define t3 %xmm6 ++#define t4 %xmm7 ++ ++#undef a3 ++#define a3 %eax ++#define b3 %ebx ++#define c3 %ecx ++#define d3 %edx ++#define t13 %esi ++#define t23 %edi ++#define Q2 $0x5a827999 ++#define Q3 $0x6ed9eba1 ++ ++/* ++#define F(x, y, z) (z ^ (x & (y ^ z))) ++#define G(x, y, z) ((x & (y | z)) | (y & z)) ++#define H(x, y, z) (x ^ y ^ z) ++ ++#define STEP(f, a, b, c, d, x, s) ++ a += f(b, c, d) + x; ++ a = (a << s) | (a >> (32 - s)); ++*/ ++#define STEP1(aa, bb, cc, dd, aa3, bb3, cc3, dd3, x, s, base) \ ++ paddd (256*base)+(x*16)+nt_buffer4x, aa; \ ++ add (64*base)+(x*4)+nt_buffer1x, aa3; \ ++ movdqa cc, t1; \ ++ mov cc3, t13; \ ++ pxor dd, t1; \ ++ xor dd3, t13; \ ++ pand bb, t1; \ ++ and bb3, t13; \ ++ pxor dd, t1; \ ++ xor dd3, t13; \ ++ paddd t1, aa; \ ++ add t13, aa3; \ ++ movdqa aa, t2; \ ++ rol $s, aa3; \ ++ pslld $s, aa; \ ++ psrld $(32-s), t2; \ ++ por t2, aa; ++ ++#define STEP2(aa, bb, cc, dd, aa3, bb3, cc3, dd3, x, s, base) \ ++ paddd (256*base)+(x*16)+nt_buffer4x, aa; \ ++ add (64*base)+(x*4)+nt_buffer1x, aa3; \ ++ movdqa cc, t1; \ ++ mov cc3, t13; \ ++ movdqa cc, t2; \ ++ mov cc3, t23; \ ++ por dd, t1; \ ++ or dd3, t13; \ ++ pand dd, t2; \ ++ and dd3, t23; \ ++ pand bb, t1; \ ++ and bb3, t13; \ ++ paddd t3, aa; \ ++ add Q2, aa3; \ ++ por t2, t1; \ ++ or t23, t13; \ ++ paddd t1, aa; \ ++ add t13, aa3; \ ++ movdqa aa, t1; \ ++ rol $s, aa3; \ ++ pslld $s, aa; \ ++ psrld $(32-s), t1; \ ++ por t1, aa; ++ ++#define STEP3(aa, bb, cc, dd, aa3, bb3, cc3, dd3, x, s, base) \ ++ paddd (256*base)+(x*16)+nt_buffer4x, aa; \ ++ add (64*base)+(x*4)+nt_buffer1x, aa3; \ ++ movdqa dd, t1; \ ++ mov dd3, t13; \ ++ pxor cc, t1; \ ++ xor cc3, t13; \ ++ paddd t4, aa; \ ++ add Q3, aa3; \ ++ pxor bb, t1; \ ++ xor bb3, t13; \ ++ paddd t1, aa; \ ++ add t13, aa3; \ ++ movdqa aa, t1; \ ++ rol $s, aa3; \ ++ pslld $s, aa; \ ++ psrld $(32-s), t1; \ ++ por t1, aa; ++ ++#define NT_CRYPT_BODY(base) \ ++ movdqa const_init_a, a; \ ++ mov const_init_a, a3; \ ++ movdqa const_init_b, b; \ ++ mov const_init_b, b3; \ ++ movdqa const_init_c, c; \ ++ mov const_init_c, c3; \ ++ movdqa const_init_d, d; \ ++ mov const_init_d, d3; \ ++ \ ++ paddd (256*base)+nt_buffer4x, a; \ ++ add (64*base)+nt_buffer1x, a3; \ ++ pslld $3, a; \ ++ rol $3, a3; \ ++ \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 1 , 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 2 , 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 3 , 19, base) \ ++ STEP1(a, b, c, d, a3, b3, c3, d3, 4 , 3 , base) \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 5 , 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 6 , 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 7 , 19, base) \ ++ STEP1(a, b, c, d, a3, b3, c3, d3, 8 , 3 , base) \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 9 , 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 10, 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 11, 19, base) \ ++ STEP1(a, b, c, d, a3, b3, c3, d3, 12, 3 , base) \ ++ STEP1(d, a, b, c, d3, a3, b3, c3, 13, 7 , base) \ ++ STEP1(c, d, a, b, c3, d3, a3, b3, 14, 11, base) \ ++ STEP1(b, c, d, a, b3, c3, d3, a3, 15, 19, base) \ ++ \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 0 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 4 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 8 , 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 12, 13, base) \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 1 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 5 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 9 , 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 13, 13, base) \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 2 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 6 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 10, 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 14, 13, base) \ ++ STEP2(a, b, c, d, a3, b3, c3, d3, 3 , 3 , base) \ ++ STEP2(d, a, b, c, d3, a3, b3, c3, 7 , 5 , base) \ ++ STEP2(c, d, a, b, c3, d3, a3, b3, 11, 9 , base) \ ++ STEP2(b, c, d, a, b3, c3, d3, a3, 15, 13, base) \ ++ \ ++ STEP3(a, b, c, d, a3, b3, c3, d3, 0 , 3 , base) \ ++ STEP3(d, a, b, c, d3, a3, b3, c3, 8 , 9 , base) \ ++ STEP3(c, d, a, b, c3, d3, a3, b3, 4 , 11, base) \ ++ STEP3(b, c, d, a, b3, c3, d3, a3, 12, 15, base) \ ++ STEP3(a, b, c, d, a3, b3, c3, d3, 2 , 3 , base) \ ++ STEP3(d, a, b, c, d3, a3, b3, c3, 10, 9 , base) \ ++ STEP3(c, d, a, b, c3, d3, a3, b3, 6 , 11, base) \ ++ STEP3(b, c, d, a, b3, c3, d3, a3, 14, 15, base) \ ++ STEP3(a, b, c, d, a3, b3, c3, d3, 1 , 3 , base) \ ++ STEP3(d, a, b, c, d3, a3, b3, c3, 9 , 9 , base) \ ++ STEP3(c, d, a, b, c3, d3, a3, b3, 5 , 11, base) \ ++ movdqa a, t1; \ ++ mov a3, t13; \ ++ paddd (256*base)+208+nt_buffer4x, b; \ ++ add (64*base)+52+nt_buffer1x, b3; \ ++ pxor d, t1; \ ++ xor d3,t13; \ ++ pxor c, t1; \ ++ xor c3,t13; \ ++ paddd t1, b; \ ++ add t13,b3; \ ++ \ ++ movdqa a, (64*base)+output4x; \ ++ mov a3, (16*base)+output1x; \ ++ movdqa b, (64*base)+16+output4x; \ ++ mov b3, (16*base)+4+output1x; \ ++ movdqa c, (64*base)+32+output4x; \ ++ mov c3, (16*base)+8+output1x; \ ++ movdqa d, (64*base)+48+output4x; \ ++ mov d3, (16*base)+12+output1x; ++ ++.text ++ ++DO_ALIGN(6) ++ ++nt_crypt_all_sse2: ++ pusha ++ ++ movdqa const_stage2, t3 ++ movdqa const_stage3, t4 ++ ++ NT_CRYPT_BODY(0) ++ NT_CRYPT_BODY(1) ++ NT_CRYPT_BODY(2) ++ NT_CRYPT_BODY(3) ++ NT_CRYPT_BODY(4) ++ NT_CRYPT_BODY(5) ++ NT_CRYPT_BODY(6) ++ NT_CRYPT_BODY(7) ++ ++ popa ++ ++ ret +--- john-1.7.2.orig/src/x86-sse.h ++++ john-1.7.2/src/x86-sse.h +@@ -58,4 +58,6 @@ + #define BF_ASM 1 + #define BF_SCALE 1 + ++#define NT_SSE2 ++ + #endif