Contributed patches for John the Ripper

This is the page and DokuWiki namespace to upload unofficial JtR patches to (yes, the wiki supports file uploads - just click the icon showing a picture frame while editing the page). Please do. Links to external websites with JtR patches are also acceptable. Significant updates to this wiki page (such as newly added patches) are to be announced on the john-users mailing list (in addition to updating the wiki page, not instead of that).

Truly obsolete patches have been moved to the patches_old wiki page.

Patches that have been integrated into john or jumbo

Whatever way you choose to share your code with the community, please make sure you're generating your patches properly and licensing your code properly.

The difference from the “contributed resources” list on the JtR homepage and from the contrib/ directory is that patches and links found on the wiki become available to the community right away, without review by Openwall website and file archive maintainers.

Please refer to these instructions on how to apply patches. Many of the patches are to be applied on top of certain revisions of the jumbo patch, as specified in the tables below. Those revisions of the jumbo patch may be found in the corresponding directories with JtR releases (for recent versions of JtR) and in the current and historical contrib/ directories (for older versions of JtR).

Once you have patched john, and run the make, and built john, then you should test that john is working properly. This can be performed by using the John Test Suite

For not yet implemented ideas, see Wish-list for JtR

For howto information on adding a new code page to john, see Procedure to add a new code-page to john

Incremental patches for Jumbo

The semi-official git repo is at GitHub. This tree contains candidate patches for next Jumbo release(s).

NOTE: As of this writing, you should definitely use the bleeding-jumbo branch, mentioned a couple lines below. The unstable-jumbo branch is worse than outdated.

You can clone the unstable-jumbo branch using

git clone git://github.com/magnumripper/JohnTheRipper -b unstable-jumbo unstable-jumbo

(the last argument is a directory name at your choice).

If you just want a tarball with unstable-jumbo, you can download from here: https://github.com/magnumripper/JohnTheRipper/tarball/unstable-jumbo.

There is also an even more bleeding-edge branch named "bleeding-jumbo", which is a superset of the above, rebased onto Solar's core john CVS repo. This tree (the git one) contains changes for the next core release of JtR + its first Jumbo patch. You can clone this using

git clone git://github.com/magnumripper/JohnTheRipper -b bleeding-jumbo bleeding-jumbo

or download a tarball from https://github.com/magnumripper/JohnTheRipper/tarball/bleeding-jumbo

The JtRTS (test suite), can now be pulled properly from a git repository

git clone git://github.com/magnumripper/jtrTestSuite test

The last argument is a directory name at your choice. NORMALLY test suite is stored in ./john_root_dir/test

Currently relevant patches (not integrated into the official JtR nor into the jumbo patch)

Patch Author Status and Description
Format changes for get_source JimF Status: updated June 1, 2012, applies on top of unstable-jumbo (from git). Adds get_source function to formats. This optional method greatly reduces memory usage for formats which implement it. Right now, only a few formats do (dynamic_0, raw-md5-fat, NT, NT2, raw-sha1, crc32, sapg) These changes are in the bleeding edge git build, but at this time, Solar did not want them put into jumbo.

This is the second version. It is significantly simplified, AND improved (and bug fixed). In this version, pw→source will hold either an allocated string of the source, OR will simply point to the 'proper' salt. ALL usage of pw→source has been changed to fmt→methods.get_source(pw,buffer). The fmt_default_get_buffer properly returns pw→source, and any format will have both the binary and salt pointers to reconstruct the source. The get_source() function HAS been built to allow thread safety, and any format that implements it MUST maintain thread safety (i.e. NO static data). This is why we pass in the buffer to use, during the conversion.

3rd version changes self test to be strict. This is because usage of get_source in rest of john IS strict. Thus, a format writing author MUST make sure that get_source(salt(), binary()) is string equal to salt(prepare(original_source_input)) It will NOT pass the self test if not, and it would have not properly found dupes within loader code, nor within .pot removal code.
Short description Author Status and Description
JtR Test Suite JimF The Test Suite is now on GitHub.
JtR_Test_Suite_112-112_2.diff.gz JimF JtR test suite 1.12.2 Same as v1.12, but adds sapB and 'fixes' sapG format
Apply to test suite 1.12
JtR_Test_Suite_111-to-112.diff.gz

ssh_1500_tst.in.gz
JimF JtR Test Suite, 1.12. Pretty significant release. This will patch over a 1.11 install of JtRts located in ./jtr-home/test Run patch -p1 < JtR_Test_Suite_111-to-112.diff when you are 'located' in the ./jtr-home directory.
The file ssh_1500_tst.in was SO huge, that it was placed as a .gz file all by itself. Simply download, uncompress and place in the jtrts home directory (test).

New items:
inc all, inc digits tested.
Tests for GOST, ssh, SAPG (needs work), CUDA, OpenCL.
Fixed a few formats (required a 'forced' -format= flag).
Added ability to issue 'passthrough' arguments to JtR
Added an abort on error.

See the JtrTestSuite.Manifest file for more information.
JtR-TestSuite-1.11_OpenCL-formats-03.patch magnum Adds OpenCL and CUDA formats to Test Suite 1.11. Updated 2012-02-20.
JtR_Test_Suite_110-to-111.diff.gz JimF JtR Test Suite, 1.11. Mostly a maintenance release. Fixed bug, where some mssql05's were being called using older mssql. Added 2 NT 'raw' format files (NT and NT-utf8). These are handled by NT, NTv2 and new dynamic_33. Added new files to test dynamic_30, 31, 32, 33, and 34.

To install, simply run patch -p1 < JtR_Test_Suite_110-to-111.diff.gz when you are in john's 'root' directory.
JtRTestSuite-1.10-file1.tar.gz

JtRTestSuite-1.10-file2.tar.gz

JtrTestSuite_1.08-to-1.10-makefile-update.diff
JimF Here is JtR Test Suite, 1.10. This is a total rewrite of the code, and only a few data files were changed. This new version is in Perl, and there are many options that control how much the TS will check, and how much screen output there will be. -q command line switch will turn off \n chars for most of the run, UNLESS errors are detected. -q -q will turn off even most of the screen output totally, unless errors are seen. There will always be a header, listing what john 'build' is being run, and there will be a summary line, listing the work done, and what errors or lack of errors were seen. The display lines are now 'smarter'. They know the count of cracks made, both in the first run, and in the re-run from the john.pot file. They will list PASSED or FAILED, and if failed, list what was expected, and what was seen.
The test suite, now also reads the john usage screen, the -enc:list and -sub:list outputs, to know what john can do, if it is a core or jumbo, which formats it is supposed to support (including a list of dynamics, from the -sub:list), and which encodings are 'known' to the jumbo build.
Also, there is ability to filter out just what you want run, down to a single format. Type 'perl jtrts.pl -?' to get a list of the options available. Some good ones are:
no options. This will do a full in 'core' john builds, and will do a base (used to be quick) run, and will toss in utf8 and koi8r, just to give some testing of encodings.
-type full (or just full). This tests everything. All prelim -test=0's are done, and all formats that this build can do, that on in the TS, will be tested
-q (added to any run), will reduce some screen output, if so desired.
-type enc (or just enc) Will test all encodings, utf8, and others.
-type dynamic (will test all dynamic formats)
-type dynamic_13 will test just the single format, dynamic_13.

To install:
- By default, this is installed in JtR 'build' directory, in ./test. To place it there, simply change into the base Jtr Directory, and untar the 2 tar balls.
- There is also a patch file. Patch it using 'normal' patching methods, and it will change the makefile, to properly use the 1.10 version. The makefile in 1.7.9-jumbo5 (or others prior to this), work with the TS v1.08, and not this new one.
- NOTE, if test suite 1.08 (or prior) was installed in this directory, then the tstall, tstone and tstonebase script files can be removed after installing v1.10. Those older korn scripts are not used any more.
UnicodeDevelFiles-03.diff.gz magnum Status: updated 2012-11-05. Only needed by developers to add new code pages to JtR
This patch adds 2 LARGE files into a ./src/Unicode directory of john as well as the cmpt_cp.pl and mkdump16.pl scripts that use them.
cmpt_cp.pl is used to build new code page data, when adding new code pages to john.
mkdumb16.pl was used to build the dumb16 and dumb32 external modes. These files are not normally needed by end users of john.
This is a stand alone patch. It should apply over any jumbo, which does not yet have these 2 files in the ./src/Unicode directory
JtR_TestSuite_108-1.tar.gz

JtR_TestSuite_108-2.tar.gz
JimF/magnum JtR TestSuite 1.08, updated for john-1.7.8 jumbo-8 and later. This is a full “install” which unpacks to ./test, unpack it to your john directory so it becomes a sibling to run and src.
This version also correctly handles non-Jumbo builds.
Usage:
For non-jumbo builds, cd to the test directory and execute ./tstall
For jumbo builds, just 'make test' or 'make test_full' (the former skips the slowest tests)
John Test Suite Input Creation scripts JimF This is the actual set of dictionary files, scripsome t files, perl scripts, .C source files, etc, which were used to create the input data files for the current (1.03) John Test Suite.
These require perl to be able to run the pass_gen.pl (several Crypt/Authens CPAN modules installed)
Test data for UTF-8 magnum Status: Currently relevant for testing the Unicode formats. This is a dictionary file with 100 greek words encoded in UTF-8, and test hashes for NT and md5(unicode($p)) made from the same words. Test using –utf8 (or not), and –single or –wordlist
OpenVMS support 2.4 David Jones Status: tested on few platforms (macosx-x86-64, linux-x86-mmx). Support to allow John to crack OpenVMS password hashes, including the later mixed case ones. Also allows JtR executables to be built on OpenVMS Alpha 8.3 systems with the DECC compiler.

Installs in a sub-directory, src/vms in the standard source tree and produces a dynamic library file (vms_fmt) to be used in conjunction with –plugin option added in jumbo 7. Kit is compatible with both the John 1.7.8 base release (requires applying john_1.7.8.plugin patch) and the 1.7.8 jumbo 7 release candidate.

Yes, I'd like people to start using this wiki page to publish their patches. The above is just not enough, with most patches being submitted by other means (which is fine) and no mention on this page (which is not fine). - solar

Also, there's a page on existing efforts to introduce parallel processing and distributed processing into JtR.

Back to John the Ripper user community resources.

john/patches.txt · Last modified: 2014/01/30 23:57 by magnum
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux