pyth0n3

Patch John The Ripper for SHA algorithms


Probabil ati folosit John the Ripper, un tool pentru crack de password. In Linux/Unix password-urile se gasesc in /etc/shadow (criptate, mai exact stocate ca hash-uri, cu diverse tipuri de algoritmi), iar in cateva distro sunt criptate de default cu un algoritm SHA impreuna cu un salt (salt-ul este folosit si in alte distro); pentru a citi mai mult despre acest algoritm va rog sa folositi Google. Aici voi explica cum sa instalati John the Ripper si cum sa aplicati un patch pentru acest tool, ca sa puteti cracka password-ul in distro care folosesc SHA; fara acest patch, John nu poate cracka password-ul in distro cu algoritm SHA. O distro care foloseste SHA de default e Ubuntu 9.04 si 9.10, dar sunt si multe altele.

diff -urpN john-1.7.3.1/src/Makefile john-1.7.3.1-gencrypt/src/Makefile
--- john-1.7.3.1/src/Makefile 2008-07-18 01:28:55 +0000
+++ john-1.7.3.1-gencrypt/src/Makefile 2009-09-02 11:50:28 +0000
@@ -17,7 +17,7 @@ NULL = /dev/null
CPPFLAGS = -E
CFLAGS = -c -Wall -O2 -fomit-frame-pointer
ASFLAGS = -c
-LDFLAGS = -s
+LDFLAGS = -s -lcrypt
OPT_NORMAL = -funroll-loops
OPT_INLINE = -finline-functions

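Review bot: `-lcrypt` is appended to LDFLAGS on the `+LDFLAGS = -s -lcrypt` line, but a library is position-sensitive on the link command while LDFLAGS is normally expanded before the object files. The link rule is not part of this hunk; if it does place $(LDFLAGS) ahead of the objects, a linker that resolves strictly left to right or runs with --as-needed can discard libcrypt before crypt_fmt.o references crypt(), and the build ends with an undefined reference. Keeping `LDFLAGS = -s` and adding the library in a new variable that the link rule expands after the objects, for example `LIBS = -lcrypt`, avoids that. The setting is also global, so every make target inherits it, including systems that may not ship a libcrypt.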
@@ -28,6 +28,7 @@ JOHN_OBJS_MINIMAL = \
BF_fmt.o BF_std.o \
AFS_fmt.o \
LM_fmt.o \
+ crypt_fmt.o \
batch.o bench.o charset.o common.o compiler.o config.o cracker.o \
crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o \
loader.o logger.o math.o memory.o misc.o options.o params.o path.o \
diff -urpN john-1.7.3.1/src/crypt_fmt.c john-1.7.3.1-gencrypt/src/crypt_fmt.c
--- john-1.7.3.1/src/crypt_fmt.c 1970-01-01 00:00:00 +0000
+++ john-1.7.3.1-gencrypt/src/crypt_fmt.c 2009-09-02 13:01:34 +0000
@@ -0,0 +1,216 @@
+/* public domain proof-of-concept code by Solar Designer */
+
+#define _XOPEN_SOURCE /* for crypt(3) */
+#include <string.h>
+#include <unistd.h>
+
+#include "arch.h"
+#include "params.h"
+#include "formats.h"
+
+#define FORMAT_LABEL "crypt"
+#define FORMAT_NAME "generic crypt(3)"
+#define ALGORITHM_NAME "?/" ARCH_BITS_STR
+
+#define BENCHMARK_COMMENT ""
+#define BENCHMARK_LENGTH 0
+
+#define PLAINTEXT_LENGTH 72
+
+#define BINARY_SIZE 128
+#define SALT_SIZE BINARY_SIZE
+
+#define MIN_KEYS_PER_CRYPT 1
+#define MAX_KEYS_PER_CRYPT 1
+
+static struct fmt_tests tests[] = {
+ {"CCNf8Sbh3HDfQ", "U*U*U*U*"},
+ {"CCX.K.MFy4Ois", "U*U***U"},
+ {"CC4rMpbg9AMZ.", "U*U***U*"},
+ {"XXxzOu6maQKqQ", "*U*U*U*U"},
+ {"SDbsugeBiC58A", ""},
+ {NULL}
+};
+
+static char saved_key[PLAINTEXT_LENGTH + 1];
+static char saved_salt[SALT_SIZE];
+static char *crypt_out;
+
+static int valid(char *ciphertext)
+{
+#if 1
+ int l = strlen(ciphertext);
+ return l >= 13 && l < BINARY_SIZE;
+#else
+/* Poor load time, but more effective at rejecting bad/unsupported hashes */
+ char *r = crypt("", ciphertext);
+ int l = strlen(r);
+ return
+ !strncmp(r, ciphertext, 2) &&
+ l == strlen(ciphertext) &&
+ l >= 13 && l < BINARY_SIZE;
+#endif
+}
+
+static void *binary(char *ciphertext)
+{
+ static char out[BINARY_SIZE];
+ strncpy(out, ciphertext, sizeof(out)); /* NUL padding is required */
+ return out;
+}
+
+static void *salt(char *ciphertext)
+{
+ static char out[SALT_SIZE];
+ int cut = sizeof(out);
+
+#if 1
+/* This piece is optional, but matching salts are not detected without it */
+ switch (strlen(ciphertext)) {
+ case 13:
+ case 24:
+ cut = 2;
+ break;
+
+ case 20:
+ if (ciphertext[0] == '_') cut = 9;
+ break;
+
+ case 34:
+ if (!strncmp(ciphertext, "$1$", 3)) {
+ char *p = strchr(ciphertext + 3, '$');
+ if (p) cut = p - ciphertext;
+ }
+ break;
+
+ case 59:
+ if (!strncmp(ciphertext, "$2$", 3)) cut = 28;
+ break;
+
+ case 60:
+ if (!strncmp(ciphertext, "$2a$", 4)) cut = 29;
+ break;
+ }
+#endif
+
+ /* NUL padding is required */
+ memset(out, 0, sizeof(out));
+ memcpy(out, ciphertext, cut);
+
+ return out;
+}
+
+static int binary_hash_0(void *binary)
+{
+ return ((unsigned char *)binary)[12] & 0xF;
+}
+
+static int binary_hash_1(void *binary)
+{
+ return ((unsigned char *)binary)[12] & 0xFF;
+}
+
+static int binary_hash_2(void *binary)
+{
+ return
+ (((unsigned char *)binary)[12] & 0xFF) |
+ ((int)(((unsigned char *)binary)[11] & 0xF) << 8);
+}
+
+static int get_hash_0(int index)
+{
+ return (unsigned char)crypt_out[12] & 0xF;
+}
+
+static int get_hash_1(int index)
+{
+ return (unsigned char)crypt_out[12] & 0xFF;
+}
+
+static int get_hash_2(int index)
+{
+ return
+ ((unsigned char)crypt_out[12] & 0xFF) |
+ ((int)((unsigned char)crypt_out[11] & 0xF) << 8);
+}
+
+static int salt_hash(void *salt)
+{
+ int pos = strlen((char *)salt) - 2;
+
+ return
+ (((unsigned char *)salt)[pos] & 0xFF) |
+ ((int)(((unsigned char *)salt)[pos + 1] & 3) << 8);
+}
+
+static void set_salt(void *salt)
+{
+ strcpy(saved_salt, salt);
+}
+
+static void set_key(char *key, int index)
+{
+ strcpy(saved_key, key);
+}
+
+static char *get_key(int index)
+{
+ return saved_key;
+}
+
+static void crypt_all(int count)
+{
+ crypt_out = crypt(saved_key, saved_salt);
+}
+
+static int cmp_all(void *binary, int count)
+{
+ return !strcmp((char *)binary, crypt_out);
+}
+
+static int cmp_exact(char *source, int index)
+{
+ return 1;
+}
+
+struct fmt_main fmt_crypt = {
+ {
+ FORMAT_LABEL,
+ FORMAT_NAME,
+ ALGORITHM_NAME,
+ BENCHMARK_COMMENT,
+ BENCHMARK_LENGTH,
+ PLAINTEXT_LENGTH,
+ BINARY_SIZE,
+ SALT_SIZE,
+ MIN_KEYS_PER_CRYPT,
+ MAX_KEYS_PER_CRYPT,
+ FMT_CASE | FMT_8_BIT,
+ tests
+ }, {
+ fmt_default_init,
+ valid,
+ fmt_default_split,
+ binary,
+ salt,
+ {
+ binary_hash_0,
+ binary_hash_1,
+ binary_hash_2
+ },
+ salt_hash,
+ set_salt,
+ set_key,
+ get_key,
+ fmt_default_clear_keys,
+ crypt_all,
+ {
+ get_hash_0,
+ get_hash_1,
+ get_hash_2
+ },
+ cmp_all,
+ cmp_all,
+ cmp_exact
+ }
+};
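Review bot: crypt_all() stores the return value of crypt() without checking it, and crypt(3) may return NULL on failure (for example for a setting string the C library does not support); cmp_all() then hands that pointer to strcmp() and get_hash_0/1/2() index it, which is a NULL dereference. Because the enabled branch of valid() accepts any string of 13 to 127 characters, such strings do reach crypt(). A guard such as `if (!crypt_out) crypt_out = crypt_failed;` with `static char crypt_failed[BINARY_SIZE];` (all NUL, so index 12 stays in bounds and the string never equals a loaded hash) keeps the comparisons well-defined. Separately, salt() runs `memcpy(out, ciphertext, cut)` with cut left at sizeof(out) whenever no case sets it, so it reads 128 bytes from a string that may be much shorter; `strncpy(out, ciphertext, cut)`, as binary() already does, stops at the terminator and keeps the NUL padding.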
diff -urpN john-1.7.3.1/src/john.c john-1.7.3.1-gencrypt/src/john.c
--- john-1.7.3.1/src/john.c 2006-05-08 14:49:28 +0000
+++ john-1.7.3.1-gencrypt/src/john.c 2009-09-02 11:50:11 +0000
@@ -38,6 +38,7 @@ extern int CPU_detect(void);

extern struct fmt_main fmt_DES, fmt_BSDI, fmt_MD5, fmt_BF;
extern struct fmt_main fmt_AFS, fmt_LM;
+extern struct fmt_main fmt_crypt;

extern int unshadow(int argc, char **argv);
extern int unafs(int argc, char **argv);
@@ -64,6 +65,7 @@ static void john_register_all(void)
john_register_one(&fmt_BF);
john_register_one(&fmt_AFS);
john_register_one(&fmt_LM);
+ john_register_one(&fmt_crypt);

if (!fmt_list) {
fprintf(stderr, "Unknown ciphertext format name requested\n");
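Review bot: The new `john_register_one(&fmt_crypt);` call should carry a comment saying it has to stay last in john_register_all(). valid() in crypt_fmt.c accepts any string of 13 to 127 characters, so if formats are tried in registration order (the loader is not visible here) moving this call earlier would take DES, MD5 and Blowfish hashes away from the optimised native formats and send them through the much slower crypt(3) path. Suggested comment: `/* generic crypt(3) fallback: keep last, its valid() accepts almost anything */`. john_register_all() begins before and continues after this hunk.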

Copiati codul intr-un fisier cu numele john.patch

Descarcati John The Ripper de aici http://www.openwall.com/john/g/john-1.7.3.4.tar.gz

Intrati cu cd in directory unde ati descarcat john

Decomprimati archiva john-1.7.3.4.tar.gz

tar -zxvf john-1.7.3.4.tar.gz

Copiati fisierul john.patch in directorul in care ati decomprimat john-1.7.3.4

Cu cd intrati in directory john-1.7.3.4

Scrieti:

sudo patch -Np1 -i john.patch

Acesta e un exemplu de output:

pyth0n3@pyth0n3:~/john-1.7.3.4$ sudo patch -Np1 -i john.patch 

patching file src/Makefile

patching file src/crypt_fmt.c

patching file src/john.c

Hunk #2 succeeded at 67 (offset 2 lines).

Dupa care va duceti in src/

cd src/

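si dati comanda sudo make (sudo nu este necesar pentru patch sau make daca directorul va apartine; doar citirea fisierului /etc/shadow cere drepturi de root)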

Acesta e un exemplu de output:

pyth0n3@pyth0n3:~/john-1.7.3.4/src$ sudo make

To build John the Ripper, type:

make clean SYSTEM

where SYSTEM can be one of the following:

linux-x86-64 Linux, x86-64 with SSE2 (best)

linux-x86-sse2 Linux, x86 with SSE2 (best if 32-bit)

linux-x86-mmx Linux, x86 with MMX

linux-x86-any Linux, x86

linux-alpha Linux, Alpha

linux-sparc Linux, SPARC 32-bit

linux-ppc32-altivec Linux, PowerPC w/AltiVec (best)

linux-ppc32 Linux, PowerPC 32-bit

linux-ppc64 Linux, PowerPC 64-bit

linux-ia64 Linux, IA-64

freebsd-x86-64 FreeBSD, x86-64 with SSE2 (best)

freebsd-x86-sse2 FreeBSD, x86 with SSE2 (best if 32-bit)

freebsd-x86-mmx FreeBSD, x86 with MMX

freebsd-x86-any FreeBSD, x86

freebsd-alpha FreeBSD, Alpha

openbsd-x86-64 OpenBSD, x86-64 with SSE2 (best)

openbsd-x86-sse2 OpenBSD, x86 with SSE2 (best if 32-bit)

openbsd-x86-mmx OpenBSD, x86 with MMX

openbsd-x86-any OpenBSD, x86

openbsd-alpha OpenBSD, Alpha

openbsd-sparc64 OpenBSD, SPARC 64-bit (best)

openbsd-sparc OpenBSD, SPARC 32-bit

openbsd-ppc32 OpenBSD, PowerPC 32-bit

openbsd-ppc64 OpenBSD, PowerPC 64-bit

openbsd-pa-risc OpenBSD, PA-RISC

openbsd-vax OpenBSD, VAX

netbsd-sparc64 NetBSD, SPARC 64-bit

netbsd-vax NetBSD, VAX

solaris-sparc64-cc Solaris, SPARC V9 64-bit, cc (best)

solaris-sparc64-gcc Solaris, SPARC V9 64-bit, gcc

solaris-sparcv9-cc Solaris, SPARC V9 32-bit, cc

solaris-sparcv8-cc Solaris, SPARC V8 32-bit, cc

solaris-sparc-gcc Solaris, SPARC 32-bit, gcc

solaris-x86-64-cc Solaris, x86-64 with SSE2, cc (best)

solaris-x86-64-gcc Solaris, x86-64 with SSE2, gcc

solaris-x86-sse2-cc Solaris 9 4/04+, x86 with SSE2, cc

solaris-x86-sse2-gcc Solaris 9 4/04+, x86 with SSE2, gcc

solaris-x86-mmx-cc Solaris, x86 with MMX, cc

solaris-x86-mmx-gcc Solaris, x86 with MMX, gcc

solaris-x86-any-cc Solaris, x86, cc

solaris-x86-any-gcc Solaris, x86, gcc

sco-x86-any-gcc SCO, x86, gcc

sco-x86-any-cc SCO, x86, cc

tru64-alpha Tru64 (Digital UNIX, OSF/1), Alpha

aix-ppc32 AIX, PowerPC 32-bit

macosx-x86-64 Mac OS X 10.5+, Xcode 3.0+, x86-64 with SSE2 (best)

macosx-x86-sse2 Mac OS X, x86 with SSE2

macosx-ppc32-altivec Mac OS X, PowerPC w/AltiVec (best)

macosx-ppc32 Mac OS X, PowerPC 32-bit

macosx-ppc64 Mac OS X 10.4+, PowerPC 64-bit

macosx-universal Mac OS X, Universal Binary (x86 + x86-64 + PPC)

hpux-pa-risc-gcc HP-UX, PA-RISC, gcc

hpux-pa-risc-cc HP-UX, PA-RISC, ANSI cc

irix-mips64-r10k IRIX, MIPS 64-bit (R10K) (best)

irix-mips64 IRIX, MIPS 64-bit

irix-mips32 IRIX, MIPS 32-bit

dos-djgpp-x86-mmx DOS, DJGPP, x86 with MMX

dos-djgpp-x86-any DOS, DJGPP, x86

win32-cygwin-x86-sse2 Win32, Cygwin, x86 with SSE2 (best)

win32-cygwin-x86-mmx Win32, Cygwin, x86 with MMX

win32-cygwin-x86-any Win32, Cygwin, x86

beos-x86-sse2 BeOS, x86 with SSE2 (best)

beos-x86-mmx BeOS, x86 with MMX

beos-x86-any BeOS, x86

generic Any other Unix-like system with gcc

Aici va trebui sa alegeti sistemul de operare pe care il aveti; daca folositi Linux x86 pe 32 de biti, pe care il folosesc multi, alegeti

linux-x86-sse2

Dati comandul

 sudo make linux-x86-sse2

Pentru a vedea daca functioneaza, mergeti in directorul run care se afla in john-1.7.3.4 si dati comanda

sudo ./john   /etc/shadow

Exemplu de output:

pyth0n3@pyth0n3:~/john-1.7.3.4/run$ sudo ./john   /etc/shadow

Loaded 1 password hash (generic crypt(3) [?/32])

In cazul in care aveti mai multe password-uri, vor aparea mai multe hash-uri incarcate.

Daca utilizati John the Ripper fara acest patch, nu veti putea cracka password-urile criptate cu algoritmii SHA (SHA1, SHA512).

Cateva distro Linux folosesc acest algoritm combinat cu un salt: Salt (cryptography) - Wikipedia, the free encyclopedia

Printre care Ubuntu 9.04 9.10

Pentru documentatia John the Ripper: John the Ripper documentation

Edited by pyth0n3
