'des'에 해당되는 글 3건

  1. 2011.04.29 John the Ripper password cracker update (1)
  2. 2010.01.15 PasswordsPro - 해시(Hash) 암호화 크랙
  3. 2009.12.03 SHA-256/SHA-512를 사용한 암호 해싱
2011. 4. 29. 13:33

John the Ripper password cracker update

This is the change log for JtR version 1.7.7:

  • Added Intel AVX and AMD XOP instruction sets support for bitslice DES (with C compiler intrinsics). New make targets: linux-x86-64-avx, linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent versions of GCC and GNU binutils).
  • A “dummy” “format” is now supported (plaintext passwords encoded in hexadecimal and prefixed with “$dummy$”) – for faster testing and tuning of custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of John itself.
  • Apache “$apr1$” MD5-based password hashes are now supported along with the FreeBSD-style MD5-based crypt(3) hashes that were supported previously. Hashes of both of these types may be loaded for cracking simultaneously.
  • The “–salts” option threshold is now applied before removal of previously cracked hashes for consistent behavior with interrupted and continued sessions. (Suggested by magnum.)
    The “Idle = Y” setting (which is the default) is now ignored for OpenMP-enabled hash types when the actual number of threads is greater than 1. (Unfortunately, it did not work right at least with GNU libgomp on Linux.)
  • When a cracking session terminates or is interrupted, John will now warn the user if the cracked passwords printed to the terminal while cracking are potentially incomplete. It will advise the user to use the “–show” option to see the complete set of cracked passwords with proper post-processing.
  • When loading hashes specified on a line on their own (feature introduced in 1.7.6), the loader will now ignore leading and trailing whitespace.
  • Unless a hash type is forced from the command line, the loader will now print warnings about additional hash types seen in the input files (beyond the hash type autodetected initially).
  • For use primarily by the jumbo patch (and later by future enhancements to the official versions as well), the loader now includes logic to warn the user of ambiguous hash encodings (e.g. LM vs. NTLM vs. raw-MD5, all of which may be represented as 32 hexadecimal characters) and of excessive partial hash collisions, which it works around (these are typically caused by an incomplete implementation of a new hash type).
  • The “unique” and “unshadow” programs have been made significantly faster.
  • “DateTime”, “Repeats”, “Subsets”, “AtLeast1-Simple”, “AtLeast1-Generic”, and “Policy” external mode samples have been added to the default john.conf.
  • The self-tests have been enhanced to detect more kinds of program bugs.
  • A few minor bug fixes and enhancements were made.

This version has been sponsered by Rapid7.

Download John the Ripper v1.7.7 (john-1.7.7-jumbo-1.tar.gz/john-1.7.7-jumbo-1.tar.bz2).

출처 :  PenTestIT

Trackback 0 Comment 1
  1. Favicon of http://online-casino.eu.com online casino 2011.07.30 17:16 address edit & del reply

    아주 좋은 기사

2010. 1. 15. 19:40

PasswordsPro - 해시(Hash) 암호화 크랙

Important! Using this software for purposes other than recovering your own lost passwords violates License Agreement and may violate the Law!

Program Description

This program is designated for the recovery of passwords for different types of hashes. The program currently supports about 30 types of hashes, and new ones can be easily added by creating a custom external hashing DLL-module. The actual list of available modules can be found on the software-related forum. The peak number of hashes the application is capable of working with simultaneously is 256.

List of supported hashes:

– MySQL5
– DES(Unix)
– MD2
– MD4
– MD4(Base64)
– MD5
– MD5(APR)
– MD5(Unix)
– MD5(Base64)
– MD5(phpBB3)
– MD5(Wordpress)
– MD5_HMAC($salt,MD5_HMAC($salt,$pass))
– SHA-1
– SHA-1(Base64)
– SHA-1(Django)
– SHA-256
– SHA-256(Unix)
– SHA-256(Django)
– SHA-256(md5($pass))
– SHA-256(PasswordSafe)
– SHA-384
– SHA-384(Django)
– SHA-512
– SHA-512(Unix)
– Haval-128
– Haval-160
– Haval-192
– Haval-224
– Haval-256
– Tiger-128
– Tiger-160
– Tiger-192
– RipeMD-128
– RipeMD-160
– Whirlpool
– RAdmin v2.x
– Lineage II C4
– Domain Cached Credentials
– md5(md5($pass))
– md5($pass.$salt)
– md5($salt.$pass)
– md5(sha1($pass))
– md5($hex_salt.$pass)
– md5(md5(md5($pass)))
– md5(md5($pass).$salt)
– md5(md5($salt).$pass)
– md5($salt.md5($pass))
– md5($salt.$pass.$salt)
– md5(md5($salt).md5($pass))
– md5(md5($pass).md5($salt))
– md5(md5($pass).$const_salt)
– md5($salt.md5($salt.$pass))
– md5($salt.md5($pass.$salt))
– md5($salt.md5($pass).$salt)
– md5(sha1(md5(sha1($pass))))
– md5($hex_salt.$pass.$hex_salt)
– md5($username.md5($pass).$salt)
– md5(md5($username.$pass).$salt)
– sha1(md5($pass))
– sha1($salt.$pass)
– sha1($pass.$salt)
– sha1($username.$pass)
– sha1($salt.sha1($pass))
– sha1($username.$pass.$salt)
– sha1($salt.sha1($salt.sha1($pass)))

Note: All hashing modules are located in the \Modules subfolder of the software installation archive and can be imported through the program settings menu ("Hashing modules" tab).

Program Features
– Passwords recovery using the following methods:
       • Preliminary attack
       • Brute force attack (including distributed attack)
       • Mask attack
       • Simple dictionary attack
       • Combined dictionary attack
       • Hybrid dictionary attack
       • Rainbow attack
– Recovery of passwords of up to 127-character length
– Recovery of passwords for incomplete hashes of any type
– User hash editor
– Searching data on the list of imported users
– Quick-add hash using a dialog box
– Quick-add hashes from Clipboard
– Quick-check current password for all imported users
– Support of character replacement tables for hybrid dictionary attack
– Unlimited number of dictionaries available for dictionary attack
– Unlimited number of tables available for Rainbow attack
– Unlimited number of servable users with hashes (in the licensed version)
Data Import

User hashes can be imported in the program using one of the following methods:

• Import from PasswordsPro format files (*.Hashes-files).

• Import from text files with hashes given in the following format:
        Login:Hash:Salt(or HMAC-key):Password:Comment
The software installation archive includes test files with all types of supported hashes given in this format.

• Using dialog box.

• From Clipboard.
Data Export

The application allows saving current user and hash list to the file of the application's internal format (*.Hashes-files), as well as exporting the data to a text or HTML file.

Password Recovery

  - Preliminary Attack

This type of attack is the quick check of user hashes for a match to simple passwords like – "123", "qwerty", "99999", etc. as well as to passwords found earlier and stored in the "PasswordsPro.dic" file.

- Brute Force Attack

This type of attack is the total check of all possible password values.

Brute force attack also includes the distributed attack. This type of attack allows using multiple computers for the recovery of passwords, distributing the recovery calculation load among them. This type of attack takes off automatically when user provides more than one computer for facilitating the attack. At the same time, the range selection feature becomes available for the current computer. So, to start a distributed attack, you'd have to:

1. Run this program on several computers.
2. Choose how many computers are to facilitate the attack.
3. Set the same attack options on all computers that are to facilitate the attack.
4. Choose an individual passwords attack range for each of the computers.
5. Launch brute force attack on all computers.

- Mask Attack

This type of password attack is used when user possesses partial information about the lost password. For example:
– Password begins with the "12345" character combination.
– First 4 characters of the password are numbers, others are Latin letters;
– And so on.

For that purpose, define the mask for every character of the password to be recovered in the mask attack settings. Symbolic notations of standard or custom character sets – ?u, ?d, ?2, etc. – are used as mask characters (see the Character sets tab in program options).

- Simple Dictionary Attack

This type of attack is the attempt to find the hash match in text files – dictionaries.

- Combined Dictionary Attack

This type of attack includes the validation of passwords made of several words taken from different dictionaries. This attack allows to recover complex passwords like "superadmin", "admin*admin", etc.

- Hybrid Dictionary Attack

This type of attack allows changing passwords from the dictionaries (for example, shift password to upper case, append '1' to the end of the password, etc.) and to validate them as users passwords. The actions performed over the source passwords are the so-called "rules" – the full list of these rules can be found in the "Rules.txt" file in the software installation archive.

- Rainbow Attack

This type of attack uses the Rainbow technology (http://project-rainbowcrack.com/) for creating pre-calculated tables.

The software includes the following plugins:

Hash Generator – generates any hash of types supported by the program.

Password Generator – generates random passwords with specified parameters.

Dictionary Generator – generates dictionaries of passwords from specified ranges and performs other functions related to dealing with dictionaries – sorting, merging, etc.

Text Converter – converts text from Base64 to plain text format and vice-versa.

Hidden Passwords Recovery – recovers text hidden behind asterisks.

System Information – displays overall system information.

Password Sender – the plugin is purposed for sending recovered passwords to websites.

The application can also be completed with new plugins, which would carry out necessary functions. For the creation of those, please read ReadMe.chm in the \Plugins\API folder of the application distribution. The same folder contains the ready plugin template written in Microsoft Visual C++.

Command Line Parameters

The application supports the following command line parameters:

/config:filename – loads an INI-file other than PasswordsPro.ini.

/auto – automatically launches current attack and exits when the attack is completed.

These parameters allow automating the routine slightly using batch command files (BAT). Do the following:

1. Create several INI-files with different names for different types of attack.
2. Create a BAT-file, for instance, containing (for Windows 2000/XP):
        PasswordsPro.exe /auto /config:Preliminary.ini
        start /w PasswordsPro.exe /auto /config:DictSimple.ini
        start /w PasswordsPro.exe /auto /config:DictHybrid.ini
        start /w PasswordsPro.exe /auto /config:BruteLatin.ini
        start /w PasswordsPro.exe /auto /config:BruteNumber.ini

3. Run the created BAT-file.
4. Note: This mode does not assume any user intervention and therefore does not display any messages (neither on the completion of attack, nor on errors occurred). The termination of current attack will close the program and launch the next attack.
Program Status

PasswordsPro is Shareware.
The personal license fee is €39.95.

To learn more about licensing options and purchasing license key, please visit this page.

Demo Version Restrictions

Maximum number of users can be imported: 1.

License Agreement

1. All rights for PasswordsPro are reserved to InsidePro Software.

2. The software is distributed as Demo, without any restrictions on the length of the evaluation. You may also copy and redistribute the unchanged distribution of the Demo edition on any data mediums (hard disk, floppy disk, CD-ROM, etc.).

3. To remove all restrictions from the software, you must register your copy of the software by purchasing and then entering a license key (or several license keys) in the application.

4. The use of license keys by any person not registered as an authorized user of the software, distribution of or publishing license keys are illegal. The author of the software reserves the right to revoke the registered user status from such key owners and block the revoked keys in the future versions of software.

5. You shall not modify, disassemble or decompile this software. The violation of this provision in any part shall lead to the immediate termination of this license agreement.

6. The software is provided "AS IS". You use this software at your own risk. Under no circumstances shall the author be held liable for any data loss or damage, lost profits or any other damages caused by using or not using this software.

7. The author guarantees that the software does not contain harmful, spyware nor any other code designed for performing any functions other than those stated in Program Description.

8. Using the software shall indicate your acceptance of this license agreement.

9. If you do not wish to be bounded by these terms, delete all files of this software from your computer and stop using this software.


Q1: I have hash "XXXYYYZZZ". What is its type (i.e. hashing algorithm)?
A: Here are some types of hashes supported by PasswordsPro (or by other applications):
      • if the hash begins with the "$1$" signature, it's usually an MD5(Unix) hash.
      • if the hash begins with the "$apr1$" signature, it's usually an MD5(APR) hash.
      • if the hash has 8-byte length, it may be a MySQL-hash or any other longer hash cut to 8-byte pieces, for instance, an MD5-hash.
      • 16-byte long hashes usually are:
          – MD4, MD5 and other hashes
          – some salted hashes like md5(md5($pass).$salt)
          – some composite hashes like md5(md5($pass)), etc.
      • if the hash length is 20 bytes, it may be a SHA-1 or a MySQL5-hash.

If the hash type is unknown, you can try figuring the algorithm used by the program that created the hash; for example, by analyzing source code of the PHP script that uses this hash.

You can always check the look of any hash using the Hash Generator service that recognizes over 100 types of hashes.

Sometimes a hash may be Base64-formatted, and it will have to be converted to text for the precise analysis. The above mentioned service or an appropriate utility can help you with that as well.

Q2: If it's so easy to calculate the hash for my password, why can't I recover the password from the hash?
A: Any hashing algorithm is in fact the calculation of a checksum for the source text. That involves one-way math operations with a source message, like AND, etc. For example, even if we do know Y and Z in the "X AND Y = Z" equation, we still won't be able to find the exact X value (the most we can do is to calculate the range of probable X values satisfying this equation). That's one of the reasons why the transverse "hash -> password" is impossible (theoretically, you can just calculate the range of probable source passwords; however, it's actually impossible). The second reason why the source password can't be precisely found from a hash is the issue of collisions.

Q3: What are "collisions"?
A: As soon as output values (all possible hashes) for any hashing algorithm are limited by hash size (for example, the number of possible MD5 hashes is 2128 or 3.4*1038 values), and the number of input values (source messages) is unlimited, then it's clear that there are source messages with the identical hash. Those source messages are called collisions.

Q4: What are "salt" and "salted hashes"?
A: Salt is most widely used to ensure that users with same passwords have different hashes. Salt is usually a line composed of 4...8 random characters, which is additionally used for user passwords hashing and is saved along together with the final hash (for example, MD5(Unix) hashes use this) or stored separately.

Q5: Why are salted hashes recovered at such a low speed?
A: Here is the picture. Passwords forcing the regular (non-salted) hashes go as follows – current password hash is calculated once, then it's compared to every forced hash. For the recovery of salted hashes, current password is to be hashed every time for each user, as they have different salts. Certainly, the speed of the attack will go down as the user number goes up.

Q6: Why are MD5(Unix) and MD5(APR) hashes recovered so slow?
A: That's because both salts use a 1000-iteration hash generation cycle, where each iteration involves 2 to 4 regular MD5 conversions. So, the attack speed for such hashes is thousands of times lower compared to the speed of recovering regular MD5 hashes.

Q7: I've been recovering a password for several days already, but still can't find it. Why?
A: As the inverse transformation hash -> password is impossible, the only way the password can be recovered is by comparing the given hash with hashes generated from every password being validated. So, combinations of different attack types and settings are to be tried. For example, you can spend much time to brute force a password with the "a...z" alphabet while the sought password can be numerical. So, if you can't find your password, that doesn't mean it is very complex. It can be a short one but have a space at the end. Or it can be long but simple (like "administrator12345") and recoverable in a few minutes with the hybrid attack, and so on. However, your hash can really be match to a complex password (like "tGEa+.]W\Z$C"). Unfortunately, such passwords are almost unrecoverable.

Q8: What's the application area of hashes suffixed with [PHP] in external modules?
A: You can find that out by using the "About module" function from the "Hashing modules" tab in the program options. Note: the [PHP] suffix means that the syntax of these algorithms matches PHP-code, where they are mostly used.

Q9: What is "dictionary" and where can it be obtained from?
A: Dictionary is a text file that contains possible user passwords (each line in the file contains one password). Such files may contain frequently used passwords ("admin", "master", etc.) as well as passwords from a required character range ("1111" – "9999"), which can be generated by the "Dictionary Generator" plugin. You can always find dozens of megabytes of such dictionaries here.

Q10: "Symbol replacement tables" in the hybrid dictionary attack – what is it?
A: These tables (*.KBT-files) are text files where users can set which characters of passwords being checked are to be replaced with something else. This feature is useful for users of non-English-speaking countries with 2 keyboard layouts, English and national. In this case, native language passwords can be entered using English keyboard layout or, vice versa, English words can be typed using national characters. There's the "Russian.kbt" file in the installation archive; it contains tables for the Russian keyboard layout.

Q11: What's the order you recommended to follow for recovering user passwords from hashes?
A: It's recommended to recover passwords for hashes in the following order:
       – Preliminary attack
       – Simple dictionary attack (with a large number of dictionaries)
       – Hybrid dictionary attack (with a small number of dictionaries)
       – Brute force attack with the "0...9" alphabet for 8-9 character depth
       – Brute force attack with the "a...z" alphabet for 7-8 character depth
       – Brute force attack with all available alphabets for 4-6 character depth
       – Brute force attack with "0...9" and "a...z" alphabets for 7-8 character depth
       – Combined dictionary attack
Certainly, if you have Rainbow-tables, the Rainbow attack should also be used. Also, if you've got any information about the password, use the mask attack.

Q12: How to use custom character sets?
A: Custom character sets are commonly used in mask attacks. In other words, if you know, for instance, that the first 5 characters of the password are numbers or capital Latin letters, you can type "?d?u" in the "?4:" field (or just enter whole alphabet to use: "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"), then describe the first 5 characters in the mask: ?4?4?4?4?4.

Q13: I would like to translate the program interface to my native language. How can I do that?
A: You can translate the program interface to your native language, but you will also have to support and promptly update your LNG-file on your own in the forum on the software website. So, to do that:
       – Visit the PasswordsPro forum – the program interface could be already translated to your language.
       – Create the "English.lng" file (or "Russian.lng" file) using program options menu and translate it to your language.
       – Host that file on your website, FTP-server or one of file hosting servers on the Internet.
       – Create a new topic in the program forum and post the link to the translated LNG-file there.
As new versions are released (you can track new releases by signing up to the InsidePro project news mailing list) you will need to timely update your LNG-file and update the link on the forum. Certainly, your translation may be rewarded by a free license key to the program.

Q14: What Rainbow-tables are and how can they be used for password recovery?
A: Find the detailed information on Rainbow-tables here. You can use the rtgen or Winrtgen programs to generate such tables. To recover passwords this way, import the list of *.RT-files in the program and select table attack. Certainly, the type of hashes in the tables must match the type of hashes selected for the attack.

Q15: I am importing a list of salt hashes containing the ':' character, and the program fails to properly split the source lines into fields. How should I import such hashes to the program?
A: For such situations exactly, there's a menu option to set character to be used as a field delimiter in the user hash lines (':' is the default character). You can also change the character used for splitting fields for the exporting of user hashes.

Q16: During a dictionary attack, the program reports attack completion while the dictionary hasn't been processed completely. Why?
A: That happens when a service character is found in the dictionary. Some of such characters are interpreted by the program as the end of the file (EOF), so it quits from working with the dictionary (like the 0x1F character, which appears in the file after the concatenation of several files, can be interpreted as a DOS COPY command). So it's recommended to weed such characters, as well as of tabulation symbols, empty lines, etc., out of dictionaries before they are used. Note: to sort dictionaries and clean out empty lines and double passwords you can use the "Dictionary Generator" plugin.

Q17: During the Rainbow attack, the program messages "Can't open charset configuration file!" and halts the attack. What is this file, where can I take it and what for is it needed?
A: This is a file that contains character sets (like "alpha" (A...Z), "numeric" (0...9), etc.) used for generating Rainbow-tables as well as for recovering passwords using such tables. The installation archive contains the "Charset.txt" file with 25 most frequently used character sets; though you can always add your own sets to this file.

Q18: I would like to write my own hashing module to recover passwords for my hashes using your program. How can I do that?
A: If the program doesn't support the type of hashes you need, you can write your own hashing module using any programming language to create a DLL library with several exportable functions (see the ReadMe.chm file in the \Modules\API folder of the program installation archive), but you will have to work on your own to update and support it through the forum on the software website. You can build it on the base of a test out module with Microsoft Visual C++ .NET 2003 sources, which are put as an example in the program archive. Certainly, the creation of the new module for the program can be rewarded with a free license key to the program.

Q19: I am importing an old-version *.Hashes-file (or copying an old-version PasswordsPro.ini to a new-version folder). Why the program displays types of hashes incorrectly or why are the program options different than those set in the previous version?
A: The format of *.Hashes and *.ini files (as well as other work files created by the program) may differ from one version to another for many reasons; for example, after the optimization of parameters saved to an *.ini-file, or changing the list of supported hashes, etc. So it's strongly recommended that you use the *.Hashes and *.ini files created in the version of PasswordsPro that you currently use. Hashes created with older versions of the software can be imported through text files.

Q20: Can the TAB character or any other character with the ASCII code below 32 be used as delimiter when importing hashes?
A: Yes, you can use any character, even with an ASCII code below 32 (tab character, line feed, etc.) and there are two ways to doing that:
1. Copy the TAB character (for example) to clipboard and insert it in the application settings. However, it will appear as a square, but that will do the job.
2. In the PasswordsPro.INI file, find the DlgOptionsMore section, and then in the EditBox1 parameter set the ASCII code of the field delimiter character. For example, for the TAB character those lines would be:

출처 : http://www.insidepro.com

Trackback 0 Comment 0
2009. 12. 3. 19:20

SHA-256/SHA-512를 사용한 암호 해싱

현재 SHA-256 및 SHA-512 해시 기능을 사용한 암호 해싱이 지원됩니다.

설치된 시스템에서 SHA-256 또는 SHA-512로 전환하려면 authconfig --passalgo=sha256 --kickstart 또는 authconfig --passalgo=sha512 --kickstart 명령을 실행합니다. 기존의 사용자 계정은 암호를 변경하기 전 까지 영향을 받지 않게 됩니다.

새로 설치된 시스템의 경우, SHA-256 또는 SHA-512 사용은 킥스타트 설치에서만 설정될 수 있습니다. 이를 위해, 킥스타트 명령 auth--passalgo=sha256 또는 --passalgo=sha512 옵션을 사용합니다; 또한, --enablemd5 옵션이 있을 경우 이를 삭제합니다.

설치 프로그램이 킥스타트를 사용하지 않을 경우, 위의 설명 대로 authconfig를 사용한 후, 설치 후 생성된 모든 암호 (root 포함)를 변경합니다.

이러한 암호 해싱 알고리즘을 지원하기 위해 알맞은 옵션이 libuser, pam, shadow-utils에 추가되었습니다. authconfig 명령은 필요한 옵션을 자동으로 생성하므로, 이를 수동으로 수정할 필요가 없습니다:

  • 현재 crypt_style 옵션의 새로운 값과 hash_rounds_minhash_rounds_max 명령의 새로운 옵션은 /etc/libuser.conf[defaults] 부분에서 지원됩니다. 보다 자세한 내용은 /usr/share/doc/libuser-[libuser version]/README.sha에서 참조하시기 바랍니다.

  • 현재 새로운 옵션 sha256, sha512, roundspam_unix PAM 모듈에 의해 지원됩니다. 보다 자세한 내용은 /usr/share/doc/pam-[pam version]/txts/README.pam_unix에서 참조하시기 바랍니다.

  • 현재 다음과 같은 /etc/login.defs에서의 새 옵션은 shadow-utils에 의해 지원됩니다:

    • ENCRYPT_METHOD — 사용할 암호화 방식을 지정합니다. 사용 가능한 값은 DES, MD5, SHA256, SHA512 입니다. 이러한 옵션이 지정될 경우, MD5_CRYPT_ENAB 명령은 무시됩니다.

    • SHA_CRYPT_MIN_ROUNDSSHA_CRYPT_MAX_ROUNDSENCRYPT_METHODSHA256 또는 SHA512로 설정되어 있을 경우 사용할 해싱 라운드 수를 지정합니다. 아무 옵션도 설정되어 있지 않을 경우, glibc에 의해 기본값이 지정됩니다. 하나의 옵션만이 설정되어 있을 경우 암호화 방식이 라운드 수를 지정하게 됩니다.

      두 옵션 모두가 사용될 경우, 임의로 선택된 라운드 수에서 포괄적인 간격을 지정합니다. 선택된 라운드 수는 포괄적인 간격 [1000, 999999999]으로 제한되어 있습니다.

출처 : http://us.aminet.net/pub/centos4.64/NOTES/RELEASE-NOTES-U7-ko.html

Trackback 1 Comment 0