diff -urN john-1.6.orig/debian/CONFIG.mailer john-1.6/debian/CONFIG.mailer --- john-1.6.orig/debian/CONFIG.mailer 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/CONFIG.mailer 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,59 @@ +This version of john has two new conffiles for the mailer script: + +/etc/john-mail.conf +--------------------- + +This is where you define the command used to send messages to users, +and the shells to be ignored when sending the messages. A working +example is already installed. + +You can set the shells to be ignored, for example: + +shells=-,/bin/false,/dev/null,/bin/sync,/usr/bin/falselogin + +The default is set to: + +shells=-,/bin/false,/dev/null,/bin/sync + +And you may set the command used to send the message (the message +will be piped into this command): + +mailcmd=/usr/sbin/sendmail + +That is the default. If you use sendmail, or if your mailer provides +a "sendmail" executable, you may use the above line. + +And if you want to pass extra arguments to your mailer, set +mailargs: + +mailargs= ... + +The default is not to define mailargs. + +/etc/john-mail.msg +------------------ + +This is the message template to be sent to the user. In the message, +the strings @LOGIN and @HOSTNAME will be substituted for the user's +login and the host name. + +If you use sendmail as mail command, you may include the headers +at the top of the template message, like this: + + +============================================================= +Subject: Gotcha! +Cc: root + +Just cracked your password for account @LOGIN at @HOSTNAME. +Please change it. + +John the Ripper. +============================================================= + +You may also use some binary of yours as the mail command; then it +will be called, and the template (with the variables already +substituted) will be piped into it. This may be useful if you want +to use complex logging (using a DBMS, for example), or if you +want to automatically run scripts (that block the account, +perhaps?) diff -urN john-1.6.orig/debian/changelog john-1.6/debian/changelog --- john-1.6.orig/debian/changelog 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/changelog 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,126 @@ +john (1.6-17) unstable; urgency=low + + * Rewording of comments in config file. (Closes: #115556) + (Thanks to Martin F Krafft) + * Included hack to remove cronjob if needed. (Closes: #114835,#117034) + + -- Christian Kurz Sun, 14 Oct 2001 20:14:42 +0200 + +john (1.6-16) unstable; urgency=low + + * Integrated patch from Damyan Ivanov to fix unquoted sed + expressions. (Closes: #113557) + + -- Christian Kurz Wed, 26 Sep 2001 12:57:53 +0200 + +john (1.6-15) unstable; urgency=low + + * Fixed typo in debconf templates. (Closes: #112058,#113166) + * Should fix another problem with the lock-file. (Closes: #113332) + + -- Christian Kurz Wed, 12 Sep 2001 16:08:30 +0200 + +john (1.6-14) unstable; urgency=low + + * Added german debconf translation from Sebastian Feltel. + (Closes: #109980) + * Fixed two typos in the john.1 manpage, noted by Stephen Frost. + * Applied patch from Daniel Kobras to fix two oversights in the + cronjob script. (Closes: #110272) + * Applied patch from Jeronimo Pellegrini to fix some small problems + in the scripts. (Closes: #110957) + + -- Christian Kurz Sat, 25 Aug 2001 09:09:18 +0200 + +john (1.6-13) unstable; urgency=low + + * We'll gzip the example file, which is about 12k. But the other files + which are just 2-6k will be stay uncompressed, until some very good + reasons are presented to convince me. (Closes: #96650) + * Integration of Patch from Jeronimo Pellegrini to support the + installation and deinstallation of a cronjob. (Closes: #101970) + + -- Christian Kurz Thu, 12 Jul 2001 22:55:09 +0200 + +john (1.6-12) unstable; urgency=low + + * Now we finally added manpages for john which have been written by + Jordi Mallach and Jeronimo Pellegrini. (Closes: #62498) + * Applied a patch from Jeronimo Pellegrini to make the mailer script + more configurable. (Closes: #101968) + + -- Christian Kurz Sun, 20 May 2001 10:18:56 +0200 + +john (1.6-11) unstable; urgency=low + + * Fixed Symlinks for $ARCHITECURE != i386. (Closes: #92280) + + -- Christian Kurz Sat, 31 Mar 2001 18:34:42 +0200 + +john (1.6-10) unstable; urgency=low + + * Fixed the symlinks, since we didn't notice that we broke them with + the 1.6-8 release. Now, it should work fine again. (Closes: #91824) + + -- Christian Kurz Wed, 28 Mar 2001 08:22:18 +0200 + +john (1.6-9) unstable; urgency=low + + * Fixed the name of the override file for john and also it' + location. (Closes: #81218) + + -- Christian Kurz Sun, 25 Mar 2001 00:30:33 +0100 + +john (1.6-8) unstable; urgency=low + + * Fixed the startup script for john to correctly use bash. + + -- Christian Kurz Thu, 1 Mar 2001 20:00:13 +0100 + +john (1.6-7) unstable; urgency=low + + * Fixed a typo to build john also on Alpha (Closes: #83696) + + -- Christian Kurz Sat, 27 Jan 2001 09:13:13 +0100 + +john (1.6-6) unstable; urgency=low + + * Added sparc-fix from Solar Designer (Closes: #81756). + * Changed rules file to build two different versions of john, one with + mmx extensions, and one without. + * Added wrapper script to start john. + + -- Christian Kurz Fri, 12 Jan 2001 22:31:05 +0100 + +john (1.6-5) unstable; urgency=low + + * Moved overrides file to correct location (Closes: 81218). + * Added 3 lines to overrides file for the symlinks. + + -- Christian Kurz Thu, 4 Jan 2001 20:51:32 +0100 + +john (1.6-4) unstable; urgency=low + + * Hopefully I fixed now the logfile-path-bug. + + -- Christian Kurz Fri, 8 Dec 2000 22:26:26 +0100 + +john (1.6-3) unstable; urgency=low + + * Fixed pre-rm to allow removal of package (Closes: 74091). + + -- Christian Kurz Thu, 5 Oct 2000 21:55:51 +0200 + +john (1.6-2) unstable; urgency=low + + * Changed debian/rules to be faster and more portable. + * Fixed prerm-script to run only on purges. + * Fixed some pathes to better defaults. + + -- Christian Kurz Mon, 15 May 2000 19:37:07 +0200 + +john (1.6-1) unstable; urgency=low + + * First Debian release. + + -- Christian Kurz Sat, 1 Apr 2000 12:23:57 +0200 diff -urN john-1.6.orig/debian/conffiles john-1.6/debian/conffiles --- john-1.6.orig/debian/conffiles 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/conffiles 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,3 @@ +/etc/john.ini +/etc/john-mail.conf +/etc/john-mail.msg diff -urN john-1.6.orig/debian/config john-1.6/debian/config --- john-1.6.orig/debian/config 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/config 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,5 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule +db_input medium john/cronjob || true +db_go diff -urN john-1.6.orig/debian/control john-1.6/debian/control --- john-1.6.orig/debian/control 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/control 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,15 @@ +Source: john +Section: admin +Priority: optional +Maintainer: Christian Kurz +Origin: debian +Bugs: debbugs://bugs.debian.org +Standards-Version: 3.5.6 + +Package: john +Architecture: i386 alpha sparc +Depends: ${shlibs:Depends} +Description: An active password cracking tool + john, normally called john the ripper, is a tool to find + weak passwords of your users, and even mail them automatically + if you want. diff -urN john-1.6.orig/debian/copyright john-1.6/debian/copyright --- john-1.6.orig/debian/copyright 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/copyright 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,26 @@ +This is a Debian prepackaged version of john the ripper. The package has +been created by Christian Kurz . + +Source code was obtained from: + http://www.openwall.com/john/ + +The following copyright applies to this package: + + Copyright (c) 2000 Solar Designer . + All rights reserved. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + + A complete version of the GPL can be found in /usr/share/common-licenses/GPL. diff -urN john-1.6.orig/debian/john john-1.6/debian/john --- john-1.6.orig/debian/john 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/john 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,12 @@ +#!/bin/bash -e + +if [ -d /proc ]; then + if grep -q '^flags.* mmx' /proc/cpuinfo; then + exec -a john /usr/sbin/john-mmx $* + else + exec -a john /usr/sbin/john-any $* + fi +else + echo "Proc File System not available. Can't run john." +fi +exit 0 diff -urN john-1.6.orig/debian/john-cronjob john-1.6/debian/john-cronjob --- john-1.6.orig/debian/john-cronjob 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/john-cronjob 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,28 @@ +#!/bin/sh + +usage() { + echo "Usage: john-cronjob [ install | remove ]" +} + +if [ $# -ne 1 ];then + usage + exit 0 +fi + +case "$1" in + remove) + if [ -f /etc/cron.daily/john -a ! -L /etc/cron.daily/john ]; then + rm /etc/cron.daily/john + fi + ;; + install) + if [ ! -e /etc/cron.daily/john -a ! -L /etc/cron.daily/john ]; then + cp /usr/share/john/john-dailyscript /etc/cron.daily/john + chmod u+x,og-rwx /etc/cron.daily/john + fi + ;; + *) + usage + exit 0 + ;; +esac diff -urN john-1.6.orig/debian/john-cronjob.1 john-1.6/debian/john-cronjob.1 --- john-1.6.orig/debian/john-cronjob.1 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/john-cronjob.1 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,43 @@ +\" Hey, EMACS: -*- nroff -*- +\" +.\" john.1 is copyright 1999-2001 by +.\" Jeronimo Pellegrini +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH JOHN-CRONJOB 1 "August 21, 2001" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +john-cronjob \- installs or removes the john cronjob +.SH SYNOPSIS +.B john-cronjob +install | remove +.SH DESCRIPTION +This manual page describes the john-cronjob script, an add-on to the john +package. \fBjohn-cronjob\fP is used to install or remove a cronjob that will +run automatically every day, trying to crack passwords (a script will be +placed +under \fI/etc/cron.daily\fP). When the script is called, it will check if an +instance of john is already running. If not, it will start a new \fBjohn\fP(1) +process, and then run the \fBmailer\fP(1) script. +.br +When installing or removing the cronjob, this script will never touch a +symlink. +.SH SEE ALSO +.BR mailer (1), +.BR john (1), +.BR unafs (1), +.BR unique (1), +.BR unshadow (1), +.BR john.ini (5) +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jeronimo Pellegrini +, for the Debian GNU/Linux system (but +may be used by others). +.br +John the Ripper was written by Solar Designer . +The complete list of contributors can be found in the CREDITS file +in the documentation directory. diff -urN john-1.6.orig/debian/john-dailyscript john-1.6/debian/john-dailyscript --- john-1.6.orig/debian/john-dailyscript 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/john-dailyscript 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,48 @@ +#!/bin/sh +# +# This script runs every day, trying to crack passwords, and then calls +# mailer to warn the users (and maybe also root) about that. + +JOHNDIR=/usr/sbin +PASSWD=/etc/passwd +SHADOW=/etc/shadow + +PASSFILE=`grep -e "[ ]*passfile[ ]*=[ ]*" /etc/john-mail.conf | + sed -e "s/#.*//" -e "s/.*=[ ]*//"` + +if [ -z $PASSFILE ]; then + mail -s "John cronjob is not configured yet!" root < +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH JOHN 1 "June 25, 2001" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +john \- a tool to find weak passwords of your users +.SH SYNOPSIS +.B john +.RI [ options ] " password-files" +.SH DESCRIPTION +This manual page documents briefly the +.B john +command. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. John can use a dictionary or some search +pattern as well as a password file to check for passwords. John supports +different cracking modes and understands many ciphertext formats, like +several DES variants, MD5 and blowfish. It can also be used to extract AFS +and Windows NT passwords. +.SH USAGE +To use John, you just need to supply it a password file and the desired +options. If no mode is specified, john will try "single" first, then +"wordlist" and finally "incremental". +.P +Once John finds a password, it will be printed to the terminal and saved +into a file called ~/john.pot. John will read this file when it restarts +so it doesn't try to crack already done passwords. +.P +To see the cracked passwords, use +.P +john -show passwd +.P +While cracking, you can press any key for status, or Ctrl+C to abort the +session, saving point information to a file ( +.I ~/restore +by default). By the +way, if you press Ctrl+C twice John will abort immediately without saving. +The point information is also saved every 10 minutes (configurable in the +configuration file, +.I ~/john.ini +) in case of a crash. +.P +To continue an interrupted session, run: +.P +john -restore +.P +Now, you may notice that many accounts have a disabled shell, you can make +John ignore these (assume that shell is called ' +.I /etc/expired +'): +.P +john -show -shells:-/etc/expired passwd +.P +You might want to mail all the users who got weak passwords, +to tell them to change the passwords. It's not always a good idea though +(unfortunately, lots of people seem to ignore such mail, it can be used +as a hint for crackers, etc), but anyway, I'll assume you know what you're +doing. Get a copy of the 'mailer' script supplied with John, so you won't +change anything that's under +.I /usr/bin +; edit the message it sends, and +possibly the mail command inside it (especially if the password file is +from a different box than you got John running on). +Then run: +.P + ./mailer passwd +.P +Anyway, you probably should have a look at +.I /usr/share/doc/john/OPTIONS +for a list of all the command line options, and at +.I /usr/share/doc/john/EXAMPLES +for more John usage examples with other cracking modes. +.SH OPTIONS +All the options recognized by john start with a single dash (`-'). +A summary of options is included below. +.TP +.B \-external:MODE +Enables an external mode, using external functions defined in ~/john.ini's +[List.External:MODE] section. +.TP +.B \-format:NAME +Allows you to override the ciphertext format detection. Currently, valid +format names are DES, BSDI, MD5, BF, AFS, LM. You can use this option when +cracking or with '-test'. Note that John can't crack password files with +different ciphertext formats at the same time. +.TP +.B \-groups:[-]GID[,..] +Tells John to load users of the specified group(s) only. +.TP +.B \-incremental[:MODE] +Enables the incremental mode, using the specified ~/john.ini definition +(section [Incremental:MODE], or [Incremental:All] by default). +.TP +.B \-makechars:FILE +Generates a charset file, based on character frequencies from ~/john.pot, +for use with the incremental mode. The entire ~/john.pot will be used for +the charset file unless you specify some password files. You can also use +an external filter() routine with this option. +.TP +.B \-restore[:FILE] +Continues an interrupted cracking session, reading point information from +the specified file (~/restore by default). +.TP +.B \-rules +Enables wordlist rules, that are read from [List.Rules:Wordlist]. +.TP +.B \-salts:[-]COUNT +This feature sometimes allows to achieve better performance. For example +you can crack only some salts using '-salts:2' faster, and then crack the +rest using '-salts:-2'. Total cracking time will be about the same, but +you will get some passwords cracked earlier. +.TP +.B \-savemem:LEVEL +You might need this option if you don't have enough memory, or don't want +John to affect other processes too much. Level 1 tells John not to waste +memory on login names, so you won't see them while cracking. Higher levels +have a performance impact: you should probably avoid using them unless John +doesn't work or gets into swap otherwise. +.TP +.B \-session:FILE +Allows you to specify another point information file's name to use for +this cracking session. This is useful for running multiple instances of +John in parallel, or just to be able to recover an older session later, +not always continue the latest one. +.TP +.B \-shells:[-]SHELL[,..] +This option is useful to load accounts with a valid shell only, or not to +load accounts with a bad shell. You can omit the path before a shell name, +so '-shells:csh' will match both '/bin/csh' and '/usr/bin/csh', while +'-shells:/bin/csh' will only match '/bin/csh'. +.TP +.B \-show +Shows the cracked passwords in a convenient form. You should also specify +the password files. You can use this option while another John is cracking, +to see what it did so far. +.TP +.B \-single +Enables the "single crack" mode, using rules from [List.Rules:Single]. +.TP +.B \-status[:FILE] +Prints status of an interrupted or running session. To get an up to date +status information of a detached running session, send that copy of John +a SIGHUP before using this option. +.TP +.B \-stdin +These are used to enable the wordlist mode (reading from stdin). +.TP +.B \-stdout[:LENGTH] +When used with a cracking mode, except for "single crack", makes John +print the words it generates to stdout instead of cracking. While applying +wordlist rules, the significant password length is assumed to be LENGTH, +or unlimited by default. +.TP +.B \-test +Benchmarks all the enabled ciphertext format crackers, and tests them for +correct operation at the same time. +.TP +.B \-users:[-]LOGIN|UID[,..] +Allows you to filter a few accounts for cracking, etc. A dash before the +list can be used to invert the check (that is, load all the users that +aren't listed). +.TP +.B \-wordfile:FILE +These are used to enable the wordlist mode, reading words from FILE. +.SH MODES +John can work in the following modes: +.TP +\fBWordlist\fP +John will simply use a file with a list of words that will be checked +against the passwords. See RULES for the format of wordlist files. +.TP +\fBSingle crack\fP +In this mode, john will try to crack the password using the login/GECOS +information as passwords. +.TP +\fBIncremental\fP +This is the most powerful mode. John will try any character combination +to resolve the password. +Details about these modes can be found in the MODES file in john's +documentation, including how to define your own cracking methods. +.SH SEE ALSO +.BR mailer (1), +.BR unafs (1), +.BR unique (1), +.BR unshadow (1), +.BR john.ini (5) +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach +and Jeronimo Pellegrini , for the +Debian GNU/Linux system (but may be used by others). +.br +John the Ripper was written by Solar Designer . +The complete list of contributors can be found in the CREDITS file +in the documentation directory. diff -urN john-1.6.orig/debian/mailer john-1.6/debian/mailer --- john-1.6.orig/debian/mailer 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/mailer 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,50 @@ +#!/bin/sh +# +# This file is part of John the Ripper password cracker, +# Copyright (c) 1996-98 by Solar Designer +# + +if [ $# -ne 1 ]; then + echo "Usage: $0 PASSWORD-FILE" + exit 0 +fi + +if [ ! -f /etc/john-mail.conf ]; then + echo "Couldn't find /etc/john-mail.conf -- stopping!" + exit 0 +fi + +if [ ! -f /etc/john-mail.msg ]; then + echo "Couldn't find /etc/john-mail.msg -- stopping!" + exit 0 +fi + +# In Debian, john should be in /usr/sbin. "john" binaries in other +# locations should not be used. +JOHNDIR=/usr/sbin + +# Let's get stuff from conf file: +SHELLS=`grep -e "shells[ ]*=[ ]*" /etc/john-mail.conf | sed "s/.*=[ ]*//"` +MAILCMD=`grep -e "mailcmd[ ]*=[ ]*" /etc/john-mail.conf | sed "s/.*=[ ]*//"` +MAILARGS=`grep -e "mailargs[ ]*=[ ]*" /etc/john-mail.conf | sed "s/.*=[ ]*//"` + +# Let's start +$JOHNDIR/john -show "$1" -shells:$SHELLS | sed -n 's/:.*//p' | +( + SENT=0 + + while read LOGIN; do + echo Sending mail to "$LOGIN"... + +# Sends a message to each user; a template is in /etc/john.msg +# Subject, Reply-to, and other header lines should be put +# at the top of that file. + sed -e 's/@LOGIN/'$LOGIN'/g' \ + -e 's/@HOSTNAME/'$HOSTNAME'/g' /etc/john-mail.msg | + $MAILCMD $MAILARGS $LOGIN + + SENT=$(($SENT+1)) + done + + echo $SENT messages sent +) diff -urN john-1.6.orig/debian/mailer.1 john-1.6/debian/mailer.1 --- john-1.6.orig/debian/mailer.1 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/mailer.1 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,45 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" mailer.1 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH MAILER 1 "May 19, 2001" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +mailer \- script to warn users about their week passwords +.SH SYNOPSIS +.B mailer +\fIpassword-files\fP +.SH DESCRIPTION +This manual page documents briefly the +.B mailer +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br +The \fBmailer\fP tool is useful to inform users which have been found to +be using weak passwords by mail. +.P +You should edit the message mailer will send to the users, but remember to +copy the script to a safe place before editing it, as it's +generally a bad idea to modify things living in /usr. +.SH SEE ALSO +.BR john (1), +.BR unafs (1), +.BR unique (1), +.BR unshadow (1), +.BR john.ini (5) +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. diff -urN john-1.6.orig/debian/overrides.Lintian john-1.6/debian/overrides.Lintian --- john-1.6.orig/debian/overrides.Lintian 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/overrides.Lintian 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,4 @@ +john: interpreter-not-absolute ./usr/share/john/password.lst #!comment: +john: script-not-executable ./usr/share/john/password.lst +john: unusual-interpreter ./usr/share/john/password.lst #!comment: +john: missing-debconf-dependency diff -urN john-1.6.orig/debian/postinst john-1.6/debian/postinst --- john-1.6.orig/debian/postinst 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/postinst 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,37 @@ +#!/bin/sh -e +if [ "$1" = "configure" ]; then + if [ -d /usr/doc -a ! -e /usr/doc/john -a -d /usr/share/doc/john ]; then + ln -sf ../share/doc/john /usr/doc/john + fi +fi + +if [ -f /usr/share/debconf/confmodule ]; then + . /usr/share/debconf/confmodule + + db_get john/cronjob ; INSTCRON="$RET" + if [ "$INSTCRON" = "true" ]; then + john-cronjob install + else + john-cronjob remove + fi +else + cat <<%END% + I can install a cronjob for you that will run periodically, trying + to crack passwords, and then mail users with weak passwords. + You will have to configure the path and name of the temporary + file in /etc/john-mailer.conf. + . + If you decide not to install now, you can always run + "john.cron install" to install it if you change your mind. + +Should I install the cronjob? +%END% + read a + case "$a" in + [yY]*) + john-cronjob install + ;; + [nN]*) + john-cronjob remove + esac +fi diff -urN john-1.6.orig/debian/postrm john-1.6/debian/postrm --- john-1.6.orig/debian/postrm 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/postrm 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,6 @@ +#!/bin/sh + +if [ "$1" = purge -a -e /usr/share/debconf/confmodule ]; then + . /usr/share/debconf/confmodule + db_purge +fi diff -urN john-1.6.orig/debian/prerm john-1.6/debian/prerm --- john-1.6.orig/debian/prerm 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/prerm 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,14 @@ +#!/bin/sh + +# Remove runtime file when purging john. + +[ "$1" = "remove" ] && rm -f /usr/share/john/restore + +if [ \( "$1" = "upgrade" -o "$1" = "remove" \) -a -L /usr/doc/john ]; then + rm -f /usr/doc/john +fi + +# Check if a cronjob was installed and if yes, remove it. +if [ -f /etc/cron.daily/john ]; then + /usr/sbin/john-cronjob remove +fi diff -urN john-1.6.orig/debian/rules john-1.6/debian/rules --- john-1.6.orig/debian/rules 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/rules 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,126 @@ +#!/usr/bin/make -f + +PACKAGE := john +TARGET:=$(shell dpkg --print-architecture | sed 's/i386/linux-x86-any-elf/;s/alpha/linux-alpha/;s/sparc/linux-sparc/') +ARCHITECURE:=$(shell dpkg --print-architecture) + +build: build-stamp +build-stamp: + test -e debian/control +ifeq ($(ARCHITECURE),i386) + cd $(CURDIR)/src && make $(TARGET) + mv run/john run/john-any + cd $(CURDIR)/src && make clean + cd $(CURDIR)/src && make linux-x86-mmx-elf + mv run/john run/john-mmx +else + cd $(CURDIR)/src && make $(TARGET) +endif + touch build-stamp + +clean: + test -e debian/control + test 0 = "`id -u`" || (echo need root privileges; exit 1) + rm -f build-stamp install-stamp + -$(MAKE) clean + rm -rf debian/substvars debian/files debian/tmp + +# Build architecture-independent files here. +binary-indep: build +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build debian/control + test -e debian/control + test 0 = "`id -u`" || (echo need root privileges; exit 1) + rm -rf debian/substvars debian/tmp + install -d --mode=0755 debian/tmp + install -d --mode=0755 "debian/tmp/usr/share/doc/$(PACKAGE)" + install -d --mode=0755 "debian/tmp/usr/share/man/man1" + install -d --mode=0755 "debian/tmp/usr/share/lintian/overrides" + install -d --mode=0755 "debian/tmp/usr/share/$(PACKAGE)" + install -d --mode=0755 "debian/tmp/usr/sbin" + install -d --mode=0755 "debian/tmp/etc" + install -m 644 run/john.ini debian/tmp/etc + install -m 644 run/all.chr debian/tmp/usr/share/john + install -m 644 run/alpha.chr debian/tmp/usr/share/john + install -m 644 run/digits.chr debian/tmp/usr/share/john + install -m 644 run/lanman.chr debian/tmp/usr/share/john + install -m 644 run/password.lst debian/tmp/usr/share/john + + # Extra Stuff that should be removed after the next + # upstream release of john the ripper + install -m 644 debian/john-mail.msg debian/tmp/etc + install -m 644 debian/john-mail.conf debian/tmp/etc + install -m 644 debian/CONFIG.mailer debian/tmp/usr/share/doc/$(PACKAGE) + install -m 755 debian/mailer debian/tmp/usr/sbin + install -m 755 debian/john-cronjob debian/tmp/usr/sbin + install -m 755 debian/john-dailyscript debian/tmp/usr/share/$(PACKAGE) + +ifeq (i386,$(ARCHITECURE)) + install -s run/john-any debian/tmp/usr/sbin/john-any + install -s run/john-mmx debian/tmp/usr/sbin/john-mmx + install -m 755 debian/john debian/tmp/usr/sbin/john +else + install -s run/john debian/tmp/usr/sbin/john +endif + + #Commented out, because currently we'll use a special + #hacked version. Comment it in after new upstream release. + #install run/mailer debian/tmp/usr/sbin + +ifeq (i386,$(ARCHITECURE)) + (cd debian/tmp/usr/sbin; ln -s john-any unafs; ln -s john-any unique; \ + ln -s john-any unshadow) +else + (cd debian/tmp/usr/sbin; ln -s john unafs; ln -s john unique; \ + ln -s john unshadow) +endif + install --mode=0644 debian/overrides.Lintian \ + debian/tmp/usr/share/lintian/overrides/john + install --mode=0644 debian/copyright \ + "debian/tmp/usr/share/doc/$(PACKAGE)" + install --mode=0644 doc/CONFIG doc/CREDITS doc/EXAMPLES doc/EXTERNAL doc/README \ + "debian/tmp/usr/share/doc/$(PACKAGE)" + install --mode=0644 doc/FAQ doc/MODES doc/OPTIONS doc/RULES doc/NEWS \ + "debian/tmp/usr/share/doc/$(PACKAGE)" + install --mode=0644 debian/changelog \ + "debian/tmp/usr/share/doc/$(PACKAGE)/changelog.Debian" + mv debian/tmp/usr/share/doc/$(PACKAGE)/NEWS \ + debian/tmp/usr/share/doc/$(PACKAGE)/changelog + install --mode=0644 debian/john.1 "debian/tmp/usr/share/man/man1" + install --mode=0644 debian/mailer.1 "debian/tmp/usr/share/man/man1" + install --mode=0644 debian/unafs.1 "debian/tmp/usr/share/man/man1" + install --mode=0644 debian/unique.1 "debian/tmp/usr/share/man/man1" + install --mode=0644 debian/unshadow.1 "debian/tmp/usr/share/man/man1" + install --mode=0644 debian/john-cronjob.1 "debian/tmp/usr/share/man/man1" + gzip -9 debian/tmp/usr/share/doc/$(PACKAGE)/changelog + gzip -9 debian/tmp/usr/share/doc/$(PACKAGE)/changelog.Debian + gzip -9 debian/tmp/usr/share/doc/$(PACKAGE)/EXAMPLES + gzip -9 debian/tmp/usr/share/man/man1/john.1 + gzip -9 debian/tmp/usr/share/man/man1/mailer.1 + gzip -9 debian/tmp/usr/share/man/man1/unafs.1 + gzip -9 debian/tmp/usr/share/man/man1/unique.1 + gzip -9 debian/tmp/usr/share/man/man1/unshadow.1 + gzip -9 debian/tmp/usr/share/man/man1/john-cronjob.1 +ifeq (i386,$(ARCHITECURE)) + strip --remove-section=.comment --remove-section=.note debian/tmp/usr/sbin/john-any + strip --remove-section=.comment --remove-section=.note debian/tmp/usr/sbin/john-mmx +else + strip --remove-section=.comment --remove-section=.note debian/tmp/usr/sbin/john +endif + install -d --mode=0755 debian/tmp/DEBIAN + install --mode=0755 debian/prerm debian/postinst debian/tmp/DEBIAN + install --mode=0644 debian/conffiles debian/tmp/DEBIAN + install --mode=0755 debian/config debian/tmp/DEBIAN + install --mode=0644 debian/templates debian/tmp/DEBIAN + install --mode=0755 debian/postinst debian/tmp/DEBIAN + dpkg-shlibdeps debian/tmp/usr/sbin/* + dpkg-gencontrol -isp + dpkg --build debian/tmp .. + +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary diff -urN john-1.6.orig/debian/templates john-1.6/debian/templates --- john-1.6.orig/debian/templates 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/templates 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,21 @@ +Template: john/cronjob +Type: boolean +Default: false +Description: Should John run periodically and mail users? + I can install a cronjob for you that will run periodically, trying + to crack passwords, and then mail users with weak passwords. + You will have to configure the path and name of the temporary + file in /etc/john-mail.conf. + . + If you decide not to install now, you can always run + "john.cron install" to install it if you change your mind. + Should I install the cronjob? +Description-de: John regelmäßig ausführen und Nutzer anmailen? + Es kann ein Cron-Job installiert werden, der John regelmäßig ausführt, + und versucht Passwörter zu knacken. Nutzer mit zu einfachen Passwörtern + werden dann per eMail darüber informiert. Sie müsssen dazu den Pfad und + Namen einer temporären Datei in /etc/john-mail.conf angeben. + . + Wenn Sie dies jetzt nicht tun möchten, dann können Sie jederzeit + "john.cron install" ausführen, um den Cron-Job nachträglich zu + installieren diff -urN john-1.6.orig/debian/unafs.1 john-1.6/debian/unafs.1 --- john-1.6.orig/debian/unafs.1 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/unafs.1 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,40 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unafs.1 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNAFS 1 "May 19, 2001" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unafs \- script to warn users about their week passwords +.SH SYNOPSIS +.B unafs +\fIpassword-files cell-name\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unafs +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br The \fBunafs\fP tool gets password hashes out of the binary AFS +database, and produces a file usable by John. +.SH SEE ALSO +.BR john (1), +.BR mailer (1), +.BR unique (1), +.BR unshadow (1), +.BR john.ini (5) +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. diff -urN john-1.6.orig/debian/unique.1 john-1.6/debian/unique.1 --- john-1.6.orig/debian/unique.1 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/unique.1 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,41 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unique.1 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNIQUE 1 "May 19, 2001" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unique \- removes duplicates from a wordlist +.SH SYNOPSIS +.B unique +\fIoutput-file\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unique +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br The \fBunique\fP tool finds and removes duplicate entries from a +wordlist (read from stdin), without changing the order. This is important +to increase the performance of john when using the wordlist method. +.SH SEE ALSO +.BR john (1), +.BR mailer (1), +.BR unafs (1), +.BR unshadow (1), +.BR john.ini (5) +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. diff -urN john-1.6.orig/debian/unshadow.1 john-1.6/debian/unshadow.1 --- john-1.6.orig/debian/unshadow.1 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/debian/unshadow.1 2004-05-19 07:56:49.000000000 +0930 @@ -0,0 +1,43 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unshadow.1 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNSHADOW 1 "May 19, 2001" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unshadow \- combines passwd and shadow files +.SH SYNOPSIS +.B unshadow +\fIpassword-file shadow-file\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unshadow +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br The \fBunshadow\fP tool combines the passwd and shadow files so John can +use them. You might need this since if you only used your shadow file, the +GECOS information wouldn't be used by the "single crack" mode, and also you +wouldn't be able to use the '-shells' option. On a normal system you'll need +to run unshadow as root to be able to read the shadow file. +.SH SEE ALSO +.BR john (1), +.BR mailer (1), +.BR unafs (1), +.BR unique (1), +.BR john.ini (5) +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. diff -urN john-1.6.orig/doc/COPYING john-1.6/doc/COPYING --- john-1.6.orig/doc/COPYING 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/doc/COPYING 2004-05-19 08:16:06.000000000 +0930 @@ -0,0 +1,342 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. + + diff -urN john-1.6.orig/doc/NTLM-FAQ john-1.6/doc/NTLM-FAQ --- john-1.6.orig/doc/NTLM-FAQ 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/doc/NTLM-FAQ 2004-05-19 07:59:24.000000000 +0930 @@ -0,0 +1,33 @@ + +Q: What's this? +A: It's a patch to Solar Designer's "john the ripper" password cracker. + +Q: What's it good for, then? +A: It enables john to crack Windows NT/2000 MD4 (case-sensitive) password hashes. + +Q: Who made this? +A: This patch was thrown together on a boring Sunday by Olle Segerdahl. + It uses Andrew Tridgell's NTLM and MD4 code stolen from samba-2.0.7 . + +Q: How do I install it? +A: I assume you are able to install john from a source distribution, + if you are not, PLEASE read john's documentation. Put the files enclosed + in this archive in the "src" subdirectory, run 'patch < john-ntlm.diff' + and then 'make (your-system-type-here)' .... + +Q: How do I use john to crack NT password hashes? +A: Use pwdump2 or L0phtcrack to dump the password hashes into a file, + then run 'john pwfile -format:NT' to start cracking! + +Q: Didn't it used to be '-format:NTLM' ? +A: Yes, but this has changed so as not to confuse people who have trouble + understanding the difference between LM (DES) and NT (md4) hashes. + +Q: I get all kinds of compile errors! +A: This patch was made against john-1.6.31-dev, lots of stuff might have broken + source compatibility since then... Use something closer to john-1.6.31-dev. + +Q: I have a question not covered by this FAQ! +A: Make sure you have read all there is to read about john, then + mail me at olle@nxs.se with "JOHN-NTLM" in the subject. + diff -urN john-1.6.orig/run/john.ini john-1.6/run/john.ini --- john-1.6.orig/run/john.ini 1998-12-03 09:59:50.000000000 +0930 +++ john-1.6/run/john.ini 2004-05-19 07:56:49.000000000 +0930 @@ -5,7 +5,7 @@ [Options] # Wordlist file name, to be used in batch mode -Wordfile = ~/password.lst +Wordfile = /usr/share/john/password.lst # Use idle cycles only Idle = N # Crash recovery file saving delay in seconds @@ -314,25 +314,25 @@ # Incremental modes [Incremental:All] -File = ~/all.chr +File = /usr/share/john/all.chr MinLen = 0 MaxLen = 8 CharCount = 95 [Incremental:Alpha] -File = ~/alpha.chr +File = /usr/share/john/alpha.chr MinLen = 1 MaxLen = 8 CharCount = 26 [Incremental:Digits] -File = ~/digits.chr +File = /usr/share/john/digits.chr MinLen = 1 MaxLen = 8 CharCount = 10 [Incremental:LanMan] -File = ~/lanman.chr +File = /usr/share/john/lanman.chr MinLen = 0 MaxLen = 7 CharCount = 69 diff -urN john-1.6.orig/src/BFEgg_fmt.c john-1.6/src/BFEgg_fmt.c --- john-1.6.orig/src/BFEgg_fmt.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/BFEgg_fmt.c 2004-05-20 08:56:13.768720784 +0930 @@ -0,0 +1,119 @@ +/* + * This file is part of Eggdrop blowfish patch for John The Ripper. + * Copyright (c) 2002 by Sun-Zero + * This is a free software distributable under terms of the GNU GPL. + * See the file COPYING for details. + */ + +#include + +#include "misc.h" +#include "formats.h" +#include "common.h" +#include "blowfish.c" + +#define FORMAT_LABEL "bfegg" +#define FORMAT_NAME "Eggdrop" +#define ALG_NAME "blowfish" + +#define BENCHMARK_COMMENT "" +#define BENCHMARK_LENGTH -1 + +#define PLAINTEXT_LENGTH 31 +#define CIPHERTEXT_LENGTH 33 + +#define BINARY_SIZE 13 +#define SALT_SIZE 0 + +#define MIN_KEYS_PER_CRYPT 1 +#define MAX_KEYS_PER_CRYPT 1 + +static struct fmt_tests tests[] = { + {"+Yug.E/gQk2S0", "ajto123"}, + {"+hG/XQ18czl5.", "ablak123"}, + {"+IaISR0x4ZY/.", "szek123"}, + {"+9VMVs/L1st7/", "konyha"}, + {"+EEHgy/MBLDd0", "walkman"}, + {"+vPBrs07OTXE/", "tesztuser"}, + {NULL} +}; + +static char crypt_key[BINARY_SIZE]; +static char saved_key[PLAINTEXT_LENGTH + 1]; + +static int valid(char *ciphertext) { + if (strncmp(ciphertext, "+", 1) != 0) return 0; + if (strlen(ciphertext) != 13) return 0; + + return 1; +} + +void init() { + blowfish_first_init(); +} + + +static void set_key(char *key, int index) { + strnzcpy(saved_key, key, PLAINTEXT_LENGTH+1); +} + +static char *get_key(int index) { + return saved_key; +} + +static int cmp_all(void *binary, int index) { + return !memcmp(binary, crypt_key, BINARY_SIZE); +} + +static int cmp_exact(char *source, int index) { + return 1; +} + +static void set_salt(void *salt) { } + +static void crypt_all(int count) { + blowfish_encrypt_pass(saved_key, crypt_key); +} + +struct fmt_main fmt_BFEgg = { + { + FORMAT_LABEL, + FORMAT_NAME, + ALG_NAME, + BENCHMARK_COMMENT, + BENCHMARK_LENGTH, + PLAINTEXT_LENGTH, + BINARY_SIZE, + SALT_SIZE, + MIN_KEYS_PER_CRYPT, + MAX_KEYS_PER_CRYPT, + FMT_CASE | FMT_8_BIT, + tests + }, { + init, + valid, + fmt_default_split, + fmt_default_binary, + fmt_default_salt, + { + fmt_default_binary_hash, + fmt_default_binary_hash, + fmt_default_binary_hash, + }, + fmt_default_salt_hash, + set_salt, + set_key, + get_key, + // fmt_default_clear_keys, + crypt_all, + { + fmt_default_get_hash, + fmt_default_get_hash, + fmt_default_get_hash, + }, + cmp_all, + cmp_all, + cmp_exact + } +}; + diff -urN john-1.6.orig/src/KRB4_fmt.c john-1.6/src/KRB4_fmt.c --- john-1.6.orig/src/KRB4_fmt.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/KRB4_fmt.c 2004-05-20 08:52:33.881148776 +0930 @@ -0,0 +1,288 @@ +/* + KRB4_fmt.c + + AFS/krb4 TGT dictionary attack module for Solar Designer's John the Ripper. + + tgtsnarf files should only contain entries for one cell/realm. + + Copyright (c) 1999 Dug Song + All rights reserved, all wrongs reversed. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of author may not be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#define OPENSSL_ENABLE_OLD_DES_SUPPORT +#include + +#include "arch.h" +#include "DES_std.h" +#include "KRB4_std.h" +#include "misc.h" +#include "common.h" +#include "formats.h" + +#define TGT_LENGTH 16 /* 2 des_cblock's */ + +#define FORMAT_LABEL "krb4" +#define FORMAT_NAME "Kerberos v4 TGT" +#define ALGORITHM_NAME DES_STD_ALGORITHM_NAME +#define BENCHMARK_COMMENT "" +#define BENCHMARK_LENGTH -1 +#define PLAINTEXT_LENGTH 32 +#define BINARY_SIZE 0 +#define SALT_SIZE TGT_LENGTH + REALM_SZ +#define MIN_KEYS_PER_CRYPT 1 +#define MAX_KEYS_PER_CRYPT 1 + +static struct fmt_tests krb4_tests[] = { + {"$af$UMICH.EDU$bb46613c503ad92e649d99d038efddb2", "w00w00"}, + {"$af$UMICH.EDU$95cd4367d4828d117b745ed63b9229be", "asdfjkl;"}, + {"$af$UMICH.EDU$000084efbde96969fd54d1a2ec8c287d", "hello!"}, + {"$af$UMICH.EDU$e9660a21b280875a7ecfc68aa771e34a", "a12345"}, + {"$af$UMICH.EDU$566f2b8629b9be36680866b0e613f239", "a1b2c3"}, + {"$af$UMICH.EDU$bebcedf43f7f2aa78cf9c0639e494c92", "abcdefg12345678"}, + {"$af$ENGIN.UMICH.EDU$9ef1034301e1f1fcf1516cb65aa1cc79", "asdfjkl;"}, + {"$af$ENGIN.UMICH.EDU$02ad23a6364df67a4db473de053cacbb", "a1b2c3"}, + {"$af$ENGIN.UMICH.EDU$14d0a59a2f9e746f1a3bf02ec4fb447e", "abc123!"}, + {"$af$ENGIN.UMICH.EDU$44feffd06e68e30bc8890e253760858d", "12345"}, + {NULL} +}; + +static const unsigned char odd_parity[256]={ + 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14, + 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31, + 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47, + 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62, + 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79, + 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94, + 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110, + 112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127, + 128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143, + 145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158, + 161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174, + 176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191, + 193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206, + 208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223, + 224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239, + 241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254 +}; + +static struct salt_st { + u_char tgt[TGT_LENGTH]; + char realm[REALM_SZ]; +} *saved_salt; + +static struct key_st { + des_cblock key; + des_key_schedule sched; + char string[PLAINTEXT_LENGTH]; +} saved_key; + + +static int +krb4_valid(char *ciphertext) +{ + char *p, *tgt; + + if (strncmp(ciphertext, "$k4$", 4) != 0 && + strncmp(ciphertext, "$af$", 4) != 0) + return 0; + + tgt = strchr(ciphertext + 4, '$') + 1; + + for (p = tgt; p && *p != '\0'; p++) + if (!isxdigit((int)*p)) return 0; + + if (p - tgt != TGT_LENGTH * 2) + return 0; + + return 1; +} + +static int +hex_decode(char *src, u_char *dst, int outsize) +{ + char *p, *pe; + u_char *q, *qe, ch, cl; + + pe = src + strlen(src); + qe = dst + outsize; + + for (p = src, q = dst; p < pe && q < qe && isxdigit((int)*p); p += 2) { + ch = tolower(p[0]); + cl = tolower(p[1]); + + if ((ch >= '0') && (ch <= '9')) ch -= '0'; + else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10; + else return (-1); + + if ((cl >= '0') && (cl <= '9')) cl -= '0'; + else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10; + else return (-1); + + *q++ = (ch << 4) | cl; + } + return (q - dst); +} + +static void * +krb4_salt(char *ciphertext) +{ + static struct salt_st salt; + char *p; + + if (strncmp(ciphertext, "$af$", 4) == 0) { + ciphertext += 4; + p = strchr(ciphertext, '$'); + strnzcpy(salt.realm, ciphertext, (p - ciphertext) + 1); + ciphertext = p + 1; + } + else { + salt.realm[0] = '\0'; + ciphertext += 4; + } + if (hex_decode(ciphertext, salt.tgt, sizeof(salt.tgt)) != + sizeof(salt.tgt)) + return (NULL); + + return (&salt); +} + +static void +krb4_set_salt(void *salt) +{ + saved_salt = (struct salt_st *)salt; +} + +static void +krb4_set_key(char *key, int index) +{ + if (saved_salt->realm[0] != '\0') + afs_string_to_key(key, saved_salt->realm, &saved_key.key); + else + des_string_to_key(key, &saved_key.key); + + strnzcpy(saved_key.string, key, sizeof(saved_key.string)); +} + +static char * +krb4_get_key(int index) +{ + return (saved_key.string); +} + +static void +krb4_crypt_all(int count) +{ + /* XXX - NOOP */ +} + +static int +krb4_check_parity(des_cblock *key) +{ + int i; + + for (i = 0; i < DES_KEY_SZ; i++) { + if ((*key)[i] != odd_parity[(*key)[i]]) + return (0); + } + return (1); +} + +static int +krb4_cmp_all(void *binary, int count) +{ + des_cblock tmp; + + des_set_key(&saved_key.key, saved_key.sched); + + des_pcbc_encrypt((des_cblock *)saved_salt->tgt, &tmp, + sizeof(des_cblock), saved_key.sched, + &saved_key.key, DES_DECRYPT); + + return (krb4_check_parity(&tmp)); +} + +static int +krb4_cmp_one(void *binary, int count) +{ + u_char text[TGT_LENGTH]; + + des_pcbc_encrypt((des_cblock *)saved_salt->tgt, (des_cblock *)text, + sizeof(text), saved_key.sched, &saved_key.key, + DES_DECRYPT); + + return (memcmp(text + 8, "krbtgt", 6) == 0); +} + +static int +krb4_cmp_exact(char *source, int index) +{ + return (1); /* XXX - fallthrough from krb4_cmp_one() */ +} + +struct fmt_main fmt_KRB4 = { + { + FORMAT_LABEL, + FORMAT_NAME, + ALGORITHM_NAME, + BENCHMARK_COMMENT, + BENCHMARK_LENGTH, + PLAINTEXT_LENGTH, + BINARY_SIZE, + SALT_SIZE, + MIN_KEYS_PER_CRYPT, + MAX_KEYS_PER_CRYPT, + FMT_CASE | FMT_8_BIT, + krb4_tests + }, { + fmt_default_init, + krb4_valid, + fmt_default_split, + fmt_default_binary, + krb4_salt, + { + fmt_default_binary_hash, + fmt_default_binary_hash, + fmt_default_binary_hash + }, + fmt_default_salt_hash, + krb4_set_salt, + krb4_set_key, + krb4_get_key, + krb4_crypt_all, + { + fmt_default_get_hash, + fmt_default_get_hash, + fmt_default_get_hash + }, + krb4_cmp_all, + krb4_cmp_one, + krb4_cmp_exact + } +}; + +/* 5000. */ diff -urN john-1.6.orig/src/KRB4_std.c john-1.6/src/KRB4_std.c --- john-1.6.orig/src/KRB4_std.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/KRB4_std.c 2004-05-20 08:37:55.188730328 +0930 @@ -0,0 +1,122 @@ +/* + KRB4_std.c + + Kerberos v4 jonks, from KTH krb4. + + $OpenBSD: str2key.c,v 1.6 1998/06/22 15:22:27 beck Exp $ + $KTH: str2key.c,v 1.10 1997/03/23 03:53:19 joda Exp $ +*/ + +/* This defines the Andrew string_to_key function. It accepts a password + * string as input and converts its via a one-way encryption algorithm to a DES + * encryption key. It is compatible with the original Andrew authentication + * service password database. + */ + +#include +#include +#include +#define OPENSSL_ENABLE_OLD_DES_SUPPORT +#include + +#include "KRB4_std.h" + +#ifndef des_fixup_key_parity +#define des_fixup_key_parity des_set_odd_parity +#endif + +static void +mklower(char *s) +{ + for (; s[0] != '\0'; s++) + if ('A' <= *s && *s <= 'Z') + *s = *s - 'A' + 'a'; +} + +/* + * Short passwords, i.e 8 characters or less. + */ +static void +afs_cmu_StringToKey (char *str, char *cell, des_cblock *key) +{ + char password[8+1]; /* crypt is limited to 8 chars anyway */ + int i; + int passlen; + + memset(key, 0, sizeof(key)); + memset(password, 0, sizeof(password)); + + strncpy (password, cell, 8); + password[8] = '\0'; + passlen = strlen (str); + if (passlen > 8) passlen = 8; + + for (i=0; i sizeof(password)) passlen = sizeof(password); + + memcpy(&ivec, "kerberos", 8); + memcpy(&temp_key, "kerberos", 8); + des_fixup_key_parity (&temp_key); + des_key_sched (&temp_key, schedule); + des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec); + + memcpy(&temp_key, &ivec, 8); + des_fixup_key_parity (&temp_key); + des_key_sched (&temp_key, schedule); + des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec); + + des_fixup_key_parity (key); +} + +void +afs_string_to_key(char *str, char *cell, des_cblock *key) +{ + char realm[REALM_SZ+1]; + strncpy(realm, cell, REALM_SZ); + realm[REALM_SZ] = 0; + mklower(realm); + + if (strlen(str) > 8) + afs_transarc_StringToKey (str, realm, key); + else + afs_cmu_StringToKey (str, realm, key); +} diff -urN john-1.6.orig/src/KRB4_std.h john-1.6/src/KRB4_std.h --- john-1.6.orig/src/KRB4_std.h 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/KRB4_std.h 2004-05-19 18:31:08.000000000 +0930 @@ -0,0 +1,16 @@ +/* + * KRB4_std.h + * + * Kerberos v4 jonks, from KTH krb4. + * + * Dug Song + */ + +#ifndef KRB4_STD_H +#define KRB4_STD_H + +#define REALM_SZ 40 + +void afs_string_to_key(char *str, char *cell, des_cblock *key); + +#endif /* KRB4_STD_H */ diff -urN john-1.6.orig/src/MYSQL_fmt.c john-1.6/src/MYSQL_fmt.c --- john-1.6.orig/src/MYSQL_fmt.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/MYSQL_fmt.c 2004-05-19 07:56:18.000000000 +0930 @@ -0,0 +1,241 @@ +//////////////////////////////////////////////////////////////// +// MySQL password cracker - v1.0 - 16.1.2003 +// +// by Andrew Hintz drew@overt.org +// +// This production has been brought to you by +// 4tphi and violating +// +// This file is an add-on to John the Ripper +// +// Part of this code is based on the MySQL brute password cracker +// mysqlpassword.c by Chris Given +// This program executes about 75% faster than mysqlpassword.c +// John the ripper also performs sophisticated password guessing. +// +// John the Ripper will expect the MySQL password file to be +// in the following format (without the leading // ): +// dumb_user:5d2e19393cc5ef67 +// another_luser:28ff8d49159ffbaf + +#include +#include +#include +#include + +// johntr includes +#include "arch.h" +#include "misc.h" +#include "formats.h" +#include "common.h" + +//johntr defines +#define FORMAT_LABEL "mysql" +#define FORMAT_NAME "mysql" +#define ALGORITHM_NAME "mysql" + +#define BENCHMARK_COMMENT "" +#define BENCHMARK_LENGTH -1 + +// Increase the PLAINTEXT_LENGTH value for longer passwords. +// You can also set it to 8 when using MySQL systems that truncate +// the password to only 8 characters. +#define PLAINTEXT_LENGTH 32 + +#define CIPHERTEXT_LENGTH 16 + +#define BINARY_SIZE 16 +#define SALT_SIZE 0 + +#define MIN_KEYS_PER_CRYPT 1 +#define MAX_KEYS_PER_CRYPT 1 + + +//used for mysql scramble function +struct rand_struct { + unsigned long seed1,seed2,max_value; + double max_value_dbl; +}; + + +void make_scrambled_password(char *,const char *); +char *scramble(char *,const char *,const char *, int); + +//test cases +static struct fmt_tests mysql_tests[] = { + {"30f098972cc8924d", "http://guh.nu"}, + {"3fc56f6037218993", "Andrew Hintz"}, + {"697a7de87c5390b2", "drew"}, + {"1eb71cf460712b3e", "http://4tphi.net"}, + {"28ff8d49159ffbaf", "http://violating.us"}, + {"5d2e19393cc5ef67", "password"}, + {NULL} +}; + + +//stores the ciphertext for value currently being tested +static char crypt_key[BINARY_SIZE+1]; + +//used by set_key +static char saved_key[PLAINTEXT_LENGTH + 1]; + +static int mysql_valid(char *ciphertext) { //returns 0 for invalid ciphertexts + + int i; //used as counter in loop + + //ciphertext is 16 characters + if (strlen(ciphertext) != 16) return 0; + + //ciphertext is ASCII representation of hex digits + for (i = 0; i < 16; i++){ + if (!( ((48 <= ciphertext[i])&&(ciphertext[i] <= 57)) || + ((97 <= ciphertext[i])&&(ciphertext[i] <= 102)) )) + return 0; + } + + return 1; +} + +static void mysql_set_salt(void *salt) { } + +static void mysql_set_key(char *key, int index) { + strnzcpy(saved_key, key, PLAINTEXT_LENGTH+1); +} + +static char *mysql_get_key(int index) { + return saved_key; +} + +static int mysql_cmp_all(void *binary, int index) { //also is mysql_cmp_one + return !memcmp(binary, crypt_key, BINARY_SIZE); +} + +static int mysql_cmp_exact(char *source, int count){ + return (1); // mysql_cmp_all fallthrough? +} + +static void mysql_crypt_all(int count) { + // get plaintext input in saved_key put it into ciphertext crypt_key + make_scrambled_password(crypt_key,saved_key); +} + +//////////////////////////////////////////////////////////////// +//begin mysql code +// This code was copied from mysqlpassword.c by Chris Given +// He probably copied it from password.c in the MySQL source +// The code is GPLed + +void randominit(struct rand_struct *rand_st,ulong seed1, ulong seed2) { + rand_st->max_value= 0x3FFFFFFFL; + rand_st->max_value_dbl=(double) rand_st->max_value; + rand_st->seed1=seed1%rand_st->max_value ; + rand_st->seed2=seed2%rand_st->max_value; +} +static void old_randominit(struct rand_struct *rand_st,ulong seed1) { + rand_st->max_value= 0x01FFFFFFL; + rand_st->max_value_dbl=(double) rand_st->max_value; + seed1%=rand_st->max_value; + rand_st->seed1=seed1 ; rand_st->seed2=seed1/2; +} +double rnd(struct rand_struct *rand_st) { + rand_st->seed1=(rand_st->seed1*3+rand_st->seed2) % + rand_st->max_value; + rand_st->seed2=(rand_st->seed1+rand_st->seed2+33) % + rand_st->max_value; + return(((double) rand_st->seed1)/rand_st->max_value_dbl); +} +void hash_password(ulong *result, const char *password) { + register ulong nr=1345345333L, add=7, nr2=0x12345671L; + ulong tmp; + for (; *password ; password++) { + if (*password == ' ' || *password == '\t') + continue; + tmp= (ulong) (unsigned char) *password; + nr^= (((nr & 63)+add)*tmp)+ (nr << 8); + nr2+=(nr2 << 8) ^ nr; + add+=tmp; + } + result[0]=nr & (((ulong) 1L << 31) -1L); /* Don't use sign bit + (str2int) */; + result[1]=nr2 & (((ulong) 1L << 31) -1L); + return; +} +void make_scrambled_password(char *to,const char *password) { + ulong hash_res[2]; + hash_password(hash_res,password); + sprintf(to,"%08lx%08lx",hash_res[0],hash_res[1]); +} +static inline uint char_val(char X) { + return (uint) (X >= '0' && X <= '9' ? X-'0' : X >= 'A' && X <= 'Z' ? + X-'A'+10 : X-'a'+10); +} +char *scramble(char *to,const char *message,const char *password, int + old_ver) { + struct rand_struct rand_st; + ulong hash_pass[2],hash_message[2]; + if(password && password[0]) { + char *to_start=to; + hash_password(hash_pass,password); + hash_password(hash_message,message); + if (old_ver) + old_randominit(&rand_st,hash_pass[0] ^ + hash_message[0]); + else + randominit(&rand_st,hash_pass[0] ^ hash_message[0], + hash_pass[1] ^ hash_message[1]); + while (*message++) + *to++= (char) (floor(rnd(&rand_st)*31)+64); + if (!old_ver) { + char extra=(char) (floor(rnd(&rand_st)*31)); + while(to_start != to) + *(to_start++)^=extra; + } + } + *to=0; + return to; +} + +//end mysql code +//////////////////////////////////////////////////////////////// + +struct fmt_main fmt_MYSQL = { + { + FORMAT_LABEL, + FORMAT_NAME, + ALGORITHM_NAME, + BENCHMARK_COMMENT, + BENCHMARK_LENGTH, + PLAINTEXT_LENGTH, + BINARY_SIZE, + SALT_SIZE, + MIN_KEYS_PER_CRYPT, + MAX_KEYS_PER_CRYPT, + FMT_CASE | FMT_8_BIT, + mysql_tests + }, { + fmt_default_init, + mysql_valid, + fmt_default_split, + fmt_default_binary, + fmt_default_salt, + { + fmt_default_binary_hash, + fmt_default_binary_hash, + fmt_default_binary_hash + }, + fmt_default_salt_hash, + mysql_set_salt, + mysql_set_key, + mysql_get_key, + //fmt_default_clear_keys, + mysql_crypt_all, + { + fmt_default_get_hash, + fmt_default_get_hash, + fmt_default_get_hash + }, + mysql_cmp_all, + mysql_cmp_all, //should it be the same as cmp_all or same as cmp_exact? + mysql_cmp_exact //fallthrough + } +}; diff -urN john-1.6.orig/src/Makefile john-1.6/src/Makefile --- john-1.6.orig/src/Makefile 1998-12-03 09:59:50.000000000 +0930 +++ john-1.6/src/Makefile 2004-05-20 09:15:44.947674520 +0930 @@ -13,11 +13,12 @@ SED = sed NULL = /dev/null CPPFLAGS = -E -CFLAGS = -c -Wall -O2 -fomit-frame-pointer +CFLAGS = -c -Wall -O2 -fomit-frame-pointer -I/usr/include/openssl ASFLAGS = -c LDFLAGS = -s OPT_NORMAL = -funroll-loops OPT_INLINE = -finline-functions +LIBS = -lskey -lcrypto -lcrypt JOHN_VERSION = 1.6 JOHN_ARCHIVE = john-$(JOHN_VERSION) @@ -35,13 +36,19 @@ MD5_fmt.o MD5_std.o \ BF_fmt.o BF_std.o \ AFS_fmt.o \ - LM_fmt.o \ + LM_fmt.o NT_fmt.o \ + MYSQL_fmt.o \ + md4.o smbencrypt.o \ + SKEY_fmt.o \ + KRB4_fmt.o KRB4_std.o \ + BFEgg_fmt.o \ batch.o bench.o charset.o common.o compiler.o config.o cracker.o \ external.o formats.o getopt.o idle.o inc.o john.o list.o loader.o \ logger.o math.o memory.o misc.o options.o params.o path.o recovery.o \ rpp.o rules.o signals.o single.o status.o tty.o wordlist.o \ unshadow.o \ unafs.o \ + undrop.o \ unique.o JOHN_OBJS = \ @@ -70,11 +77,11 @@ bench.o best.o common.o config.o formats.o memory.o misc.o params.o \ path.o signals.o tty.o -PROJ = ../run/john ../run/unshadow ../run/unafs ../run/unique +PROJ = ../run/john ../run/unshadow ../run/unafs ../run/unique ../run/undrop ../run/tgtsnarf PROJ_DOS = ../run/john.bin ../run/john.com \ - ../run/unshadow.com ../run/unafs.com ../run/unique.com + ../run/unshadow.com ../run/unafs.com ../run/unique.com ../run/undrop.com PROJ_WIN32 = ../run/john.exe \ - ../run/unshadow.exe ../run/unafs.exe ../run/unique.exe + ../run/unshadow.exe ../run/unafs.exe ../run/unique.exe ../run/undrop.exe default: @echo "To build John the Ripper, type:" @@ -147,7 +154,7 @@ JOHN_OBJS="$(JOHN_OBJS) alpha.o" linux-sparc: - $(MAKE) HAMMER=use-linux-sparc sparc.h + $(MAKE) use-linux-sparc HAMMER=use-linux-sparc NAIL=sparc.h ln -s sparc.h arch.h $(MAKE) use-linux-sparc NAIL="$(PROJ)" @@ -397,8 +404,11 @@ bench: $(BENCH_OBJS) $(LD) $(LDFLAGS) $(BENCH_OBJS) -o bench +../run/tgtsnarf: tgtsnarf.o + $(LD) $(LDFLAGS) tgtsnarf.o -o ../run/tgtsnarf + ../run/john: $(JOHN_OBJS) - $(LD) $(LDFLAGS) $(JOHN_OBJS) -o ../run/john + $(LD) $(LDFLAGS) $(JOHN_OBJS) -o ../run/john $(LIBS) ../run/unshadow: ../run/john ln -s john ../run/unshadow @@ -406,6 +416,10 @@ ../run/unafs: ../run/john ln -s john ../run/unafs +../run/undrop: ../run/john + $(RM) ../run/undrop + ln -s john ../run/undrop + ../run/unique: ../run/john ln -s john ../run/unique @@ -423,6 +437,9 @@ ../run/unafs.com: john.com copy john.com ..\run\unafs.com +../run/undrop.com: john.com + copy john.com ..\run\undrop.com + ../run/unique.com: john.com copy john.com ..\run\unique.com @@ -441,6 +458,10 @@ $(CC) symlink.c -o ../run/unafs.exe strip ../run/unafs.exe +../run/undrop.exe: symlink.c + $(CC) symlink.c -o ../run/undrop.exe + strip ../run/undrop.exe + ../run/unique.exe: symlink.c $(CC) symlink.c -o ../run/unique.exe strip ../run/unique.exe diff -urN john-1.6.orig/src/NT_fmt.c john-1.6/src/NT_fmt.c --- john-1.6.orig/src/NT_fmt.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/NT_fmt.c 2004-05-20 09:19:11.101334400 +0930 @@ -0,0 +1,187 @@ +/* + * NTLM patch for john version 0.2 + * + * (C) 2001 Olle Segerdahl + * + * liscense: GPL + * + * This file is based on code from John the Ripper, + * Copyright (c) 1996-99 by Solar Designer + * + */ + +#include + +#include "arch.h" +#include "memory.h" +#include "common.h" +#include "formats.h" + +#ifndef uchar +#define uchar unsigned char +#endif + +#define FORMAT_LABEL "nt" +#define FORMAT_NAME "NT MD4" + +#define BENCHMARK_COMMENT "" +#define BENCHMARK_LENGTH -1 + +#define PLAINTEXT_LENGTH 54 +#define CIPHERTEXT_LENGTH 36 + + +static struct fmt_tests tests[] = { + {"$NT$b7e4b9022cd45f275334bbdb83bb5be5", "John the Ripper"}, + {"$NT$8846f7eaee8fb117ad06bdd830b7586c", "password"}, + {"$NT$0cb6948805f797bf2a82807973b89537", "test"}, + {"$NT$31d6cfe0d16ae931b73c59d7e0c089c0", ""}, + {NULL} +}; + +#define ALGORITHM_NAME "TridgeMD4" + +#define BINARY_SIZE 16 +#define SALT_SIZE 0 + +#define MIN_KEYS_PER_CRYPT 1 +#define MAX_KEYS_PER_CRYPT 1 + +uchar saved_plain[PLAINTEXT_LENGTH + 1]; +uchar output[BINARY_SIZE + 1]; + +extern void E_md4hash(uchar *passwd, uchar *p16); + + +static int valid(char *ciphertext) +{ + char *pos; + + if (strncmp(ciphertext, "$NT$", 4)!=0) return 0; + + for (pos = &ciphertext[4]; atoi16[(ARCH_INDEX)*pos] != 0x7F; pos++); + + if (!*pos && pos - ciphertext == CIPHERTEXT_LENGTH) + return 1; + else + return 0; + +} + +static void *get_binary(char *ciphertext) +{ + static uchar binary[BINARY_SIZE]; + int i; + + ciphertext+=4; + for (i=0; i + All rights reserved, all wrongs reversed. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of author may not be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include +#include +#include + +#include "arch.h" +#include "misc.h" +#include "common.h" +#include "formats.h" + +#define FORMAT_LABEL "skey" +#define FORMAT_NAME "S/Key" +#define ALGORITHM_NAME "MD4/MD5/SHA1/RMD160" +#define BENCHMARK_COMMENT "" +#define BENCHMARK_LENGTH -1 +#define PLAINTEXT_LENGTH 32 +#define BINARY_SIZE 0 +#define SALT_SIZE sizeof(struct skey_salt_st) +#define MIN_KEYS_PER_CRYPT 1 +#define MAX_KEYS_PER_CRYPT 1 + +static struct fmt_tests skey_tests[] = { + {"0096 luky451004 b519dcfe18eb7aab", "w00w00 v00d00"}, + {"md5 0099 luky451001 93b3774544ba92a3", "swirling zagnuts"}, + {"sha1 0042 luky451002 d4f0b50e17b29310", "abcdefg12345678"}, + {"rmd160 0099 luky451006 2dbcbb728e8bb456", "squeamish ossifrage"}, + {NULL} +}; + +/* Saved state. */ +static struct skey_salt_st { + int num; + char type[SKEY_MAX_HASHNAME_LEN + 1]; + char seed[SKEY_MAX_SEED_LEN + 1]; + u_char hash[SKEY_BINKEY_SIZE]; +} saved_salt; +static u_char saved_key[SKEY_BINKEY_SIZE]; +static char saved_pass[PLAINTEXT_LENGTH]; + +static int +skey_valid(char *ciphertext) +{ + char *p, *q, buf[24]; + + if (*ciphertext == '#') + return (0); + + strnzcpy(buf, ciphertext, sizeof(buf)); + + if ((p = strchr(buf, ' ')) == NULL) + return (0); + *p++ = '\0'; + + if (isalpha(*buf)) { + if (skey_set_algorithm(buf) == NULL || + (q = strchr(p, ' ')) == NULL) + return (0); + *q = '\0'; + } + else p = buf; + + for ( ; *p; p++) { + if (!isdigit(*p)) + return (0); + } + return (1); +} + +static int +hex_decode(char *src, u_char *dst, int outsize) +{ + char *p, *pe; + u_char *q, *qe, ch, cl; + + pe = src + strlen(src); + qe = dst + outsize; + + for (p = src, q = dst; p < pe && q < qe && isxdigit((int)*p); p += 2) { + ch = tolower(p[0]); + cl = tolower(p[1]); + + if ((ch >= '0') && (ch <= '9')) ch -= '0'; + else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10; + else return (-1); + + if ((cl >= '0') && (cl <= '9')) cl -= '0'; + else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10; + else return (-1); + + *q++ = (ch << 4) | cl; + } + return (q - dst); +} + +static void * +skey_salt(char *ciphertext) +{ + static struct skey_salt_st salt; + static char buf[128]; + char *p; + + strnzcpy(buf, ciphertext, sizeof(buf)); + + if ((p = strtok(buf, " \t")) == NULL) + return (NULL); + + if (isalpha(*p)) { + strnzcpy(salt.type, p, sizeof(salt.type)); + if ((p = strtok(NULL, " \t")) == NULL) + return (NULL); + } + else strnzcpy(salt.type, "md4", sizeof(salt.type)); + + salt.num = atoi(p); + + if ((p = strtok(NULL, " \t")) == NULL) + return (NULL); + + strnzcpy(salt.seed, p, sizeof(salt.seed) - 1); + + if ((p = strtok(NULL, " \t")) == NULL) + return (NULL); + + hex_decode(p, salt.hash, sizeof(salt.hash)); + + return (&salt); +} + +static void +skey_set_salt(void *salt) +{ + memcpy((u_char *)&saved_salt, (u_char *)salt, sizeof(saved_salt)); +} + +static void +skey_set_key(char *key, int index) +{ + strnzcpy(saved_pass, key, sizeof(saved_pass) - 1); + hex_decode(key, saved_key, sizeof(saved_key)); +} + +static char * +skey_get_key(int index) +{ + return (saved_pass); +} + +static void +skey_crypt_all(int count) +{ + int i; + + skey_set_algorithm(saved_salt.type); + + keycrunch(saved_key, saved_salt.seed, saved_pass); + + for (i = 0; i < saved_salt.num; i++) + f(saved_key); +} + +static int +skey_cmp_all(void *binary, int count) +{ + return (memcmp(saved_key, saved_salt.hash, sizeof(saved_salt.hash)) == 0); +} + +static int +skey_cmp_one(void *binary, int count) +{ + return (1); /* XXX - fallthrough from skey_cmp_all() */ +} + +static int +skey_cmp_exact(char *source, int count) +{ + return (1); /* XXX - fallthrough from skey_cmp_one() */ +} + +struct fmt_main fmt_SKEY = { + { + FORMAT_LABEL, + FORMAT_NAME, + ALGORITHM_NAME, + BENCHMARK_COMMENT, + BENCHMARK_LENGTH, + PLAINTEXT_LENGTH, + BINARY_SIZE, + SALT_SIZE, + MIN_KEYS_PER_CRYPT, + MAX_KEYS_PER_CRYPT, + FMT_CASE | FMT_8_BIT, + skey_tests + }, { + fmt_default_init, + skey_valid, + fmt_default_split, + fmt_default_binary, + skey_salt, + { + fmt_default_binary_hash, + fmt_default_binary_hash, + fmt_default_binary_hash + }, + fmt_default_salt_hash, + skey_set_salt, + skey_set_key, + skey_get_key, + skey_crypt_all, + { + fmt_default_get_hash, + fmt_default_get_hash, + fmt_default_get_hash + }, + skey_cmp_all, + skey_cmp_one, + skey_cmp_exact + } +}; + +/* 5000. */ diff -urN john-1.6.orig/src/bf_tab.h john-1.6/src/bf_tab.h --- john-1.6.orig/src/bf_tab.h 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/bf_tab.h 2004-05-19 08:16:06.000000000 +0930 @@ -0,0 +1,277 @@ +/* bf_tab.h: Blowfish P-box and S-box tables */ +#ifndef _H_TAB_BF +#define _H_TAB_BF + +static UWORD_32bits initbf_P[bf_N + 2] = +{ + 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, + 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, + 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, + 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, + 0x9216d5d9, 0x8979fb1b, +}; +static UWORD_32bits initbf_S[4][256] = +{ + { + 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, + 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, + 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, + 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, + 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, + 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, + 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, + 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, + 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, + 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, + 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, + 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, + 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, + 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, + 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, + 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, + 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, + 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, + 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, + 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, + 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, + 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, + 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, + 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, + 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, + 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, + 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, + 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, + 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, + 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, + 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, + 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, + 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, + 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, + 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, + 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, + 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, + 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, + 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, + 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, + 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, + 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, + 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, + 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, + 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, + 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, + 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, + 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, + 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, + 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, + 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, + 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, + 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, + 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, + 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, + 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, + 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, + 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, + 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, + 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, + 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, + 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, + 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, + 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a}, + { + 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, + 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, + 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, + 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, + 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, + 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, + 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, + 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, + 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, + 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, + 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, + 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, + 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, + 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, + 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, + 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, + 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, + 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, + 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, + 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, + 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, + 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, + 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, + 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, + 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, + 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, + 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, + 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, + 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, + 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, + 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, + 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, + 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, + 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, + 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, + 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, + 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, + 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, + 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, + 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, + 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, + 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, + 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, + 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, + 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, + 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, + 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, + 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, + 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, + 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, + 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, + 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, + 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, + 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, + 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, + 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, + 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, + 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, + 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, + 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, + 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, + 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, + 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, + 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7}, + { + 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, + 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, + 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, + 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, + 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, + 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, + 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, + 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, + 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, + 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, + 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, + 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, + 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, + 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, + 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, + 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, + 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, + 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, + 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, + 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, + 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, + 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, + 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, + 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, + 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, + 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, + 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, + 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, + 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, + 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, + 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, + 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, + 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, + 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, + 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, + 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, + 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, + 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, + 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, + 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, + 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, + 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, + 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, + 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, + 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, + 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, + 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, + 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, + 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, + 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, + 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, + 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, + 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, + 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, + 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, + 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, + 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, + 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, + 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, + 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, + 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, + 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, + 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, + 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0}, + { + 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, + 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, + 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, + 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, + 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, + 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, + 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, + 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, + 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, + 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, + 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, + 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, + 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, + 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, + 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, + 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, + 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, + 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, + 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, + 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, + 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, + 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, + 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, + 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, + 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, + 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, + 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, + 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, + 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, + 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, + 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, + 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, + 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, + 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, + 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, + 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, + 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, + 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, + 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, + 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, + 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, + 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, + 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, + 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, + 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, + 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, + 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, + 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, + 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, + 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, + 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, + 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, + 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, + 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, + 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, + 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, + 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, + 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, + 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, + 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, + 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, + 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, + 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, + 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6} +}; + +#endif diff -urN john-1.6.orig/src/blowfish.c john-1.6/src/blowfish.c --- john-1.6.orig/src/blowfish.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/blowfish.c 2004-05-20 08:51:37.579707896 +0930 @@ -0,0 +1,186 @@ +/* + * blowfish.c - part of blowfish.mod + * handles: encryption and decryption of passwords + */ +/* + * The first half of this is very lightly edited from public domain + * sourcecode. For simplicity, this entire module will remain public + * domain. + */ +/* + * This is ripped from eggdrop 1.3.28's source files (blowfish.mod) + * Modified by Sun-Zero + * 2002-04-16 +*/ + +#include + +#include "blowfish.h" +#include "bf_tab.h" /* P-box P-array, S-box */ + +/* #define S(x,i) (bf_S[i][x.w.byte##i]) */ +#define S0(x) (bf_S[0][x.w.byte0]) +#define S1(x) (bf_S[1][x.w.byte1]) +#define S2(x) (bf_S[2][x.w.byte2]) +#define S3(x) (bf_S[3][x.w.byte3]) +#define bf_F(x) (((S0(x) + S1(x)) ^ S2(x)) + S3(x)) +#define ROUND(a,b,n) (a.word ^= bf_F(b) ^ bf_P[n]) + +#include + +/* keep a set of rotating P & S boxes */ +static struct box_t { + UWORD_32bits *P; + UWORD_32bits **S; + char key[81]; + char keybytes; +} box; + +//static UWORD_32bits bf_P[bf_N+2]; +//static UWORD_32bits bf_S[4][256]; +static UWORD_32bits *bf_P; +static UWORD_32bits **bf_S; + + +void blowfish_first_init(void) { + box.P = NULL; + box.S = NULL; + box.key[0] = 0; +} + +static void blowfish_encipher(UWORD_32bits * xl, UWORD_32bits * xr) +{ + union aword Xl; + union aword Xr; + + Xl.word = *xl; + Xr.word = *xr; + + Xl.word ^= bf_P[0]; + ROUND(Xr, Xl, 1); + ROUND(Xl, Xr, 2); + ROUND(Xr, Xl, 3); + ROUND(Xl, Xr, 4); + ROUND(Xr, Xl, 5); + ROUND(Xl, Xr, 6); + ROUND(Xr, Xl, 7); + ROUND(Xl, Xr, 8); + ROUND(Xr, Xl, 9); + ROUND(Xl, Xr, 10); + ROUND(Xr, Xl, 11); + ROUND(Xl, Xr, 12); + ROUND(Xr, Xl, 13); + ROUND(Xl, Xr, 14); + ROUND(Xr, Xl, 15); + ROUND(Xl, Xr, 16); + Xr.word ^= bf_P[17]; + + *xr = Xl.word; + *xl = Xr.word; +} + +static void blowfish_init(UBYTE_08bits * key, short keybytes) +{ + int i, j; + UWORD_32bits data; + UWORD_32bits datal; + UWORD_32bits datar; + union aword temp; + + /* is buffer already allocated for this? */ + if (box.P != NULL) { + if ((box.keybytes == keybytes) && + (!strncmp((char *) (box.key), (char *) key, keybytes))) { + /* match! */ + bf_P = box.P; + bf_S = box.S; + return; + } + free(box.P); + for (i = 0; i < 4; i++) + free(box.S[i]); + free(box.S); + } + /* initialize new buffer */ + /* uh... this is over 4k */ + box.P = (UWORD_32bits *) malloc((bf_N + 2) * sizeof(UWORD_32bits)); + box.S = (UWORD_32bits **) malloc(4 * sizeof(UWORD_32bits *)); + for (i = 0; i < 4; i++) + box.S[i] = (UWORD_32bits *) malloc(256 * sizeof(UWORD_32bits)); + bf_P = box.P; + bf_S = box.S; + box.keybytes = keybytes; + strncpy(box.key, key, keybytes); + /* robey: reset blowfish boxes to initial state */ + /* (i guess normally it just keeps scrambling them, but here it's + * important to get the same encrypted result each time) */ + for (i = 0; i < bf_N + 2; i++) + bf_P[i] = initbf_P[i]; + for (i = 0; i < 4; i++) + for (j = 0; j < 256; j++) + bf_S[i][j] = initbf_S[i][j]; + + j = 0; + for (i = 0; i < bf_N + 2; ++i) { + temp.word = 0; + temp.w.byte0 = key[j]; + temp.w.byte1 = key[(j + 1) % keybytes]; + temp.w.byte2 = key[(j + 2) % keybytes]; + temp.w.byte3 = key[(j + 3) % keybytes]; + data = temp.word; + bf_P[i] = bf_P[i] ^ data; + j = (j + 4) % keybytes; + } + datal = 0x00000000; + datar = 0x00000000; + for (i = 0; i < bf_N + 2; i += 2) { + blowfish_encipher(&datal, &datar); + bf_P[i] = datal; + bf_P[i + 1] = datar; + } + for (i = 0; i < 4; ++i) { + for (j = 0; j < 256; j += 2) { + blowfish_encipher(&datal, &datar); + bf_S[i][j] = datal; + bf_S[i][j + 1] = datar; + } + } +} + +/* stuff below this line was written by robey for eggdrop use */ + +/* of course, if you change either of these, then your userfile will + * no longer be able to be shared. :) */ +#define SALT1 0xdeadd061 +#define SALT2 0x23f6b095 + +/* convert 64-bit encrypted password to text for userfile */ +static char *base64 = "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; + +static void blowfish_encrypt_pass(char *text, char *new) +{ + UWORD_32bits left, right; + int n; + char *p; + + blowfish_init(text, strlen(text)); + left = SALT1; + right = SALT2; + blowfish_encipher(&left, &right); + p = new; + *p++ = '+'; /* + means encrypted pass */ + n = 32; + while (n > 0) { + *p++ = base64[right & 0x3f]; + right = (right >> 6); + n -= 6; + } + n = 32; + while (n > 0) { + *p++ = base64[left & 0x3f]; + left = (left >> 6); + n -= 6; + } + *p = 0; +} + diff -urN john-1.6.orig/src/blowfish.h john-1.6/src/blowfish.h --- john-1.6.orig/src/blowfish.h 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/blowfish.h 2004-05-19 08:16:06.000000000 +0930 @@ -0,0 +1,55 @@ +/* modified 19jul1996 by robey -- uses autoconf values now */ +#ifndef _H_BLOWFISH +#define _H_BLOWFISH + +#include "arch.h" + +#define bf_N 16 +#define noErr 0 +#define DATAERROR -1 + +#define UBYTE_08bits unsigned char +#define UWORD_16bits unsigned short + +#define SIZEOF_INT 4 + +#if SIZEOF_INT==4 +#define UWORD_32bits unsigned int +#else +#if SIZEOF_LONG==4 +#define UWORD_32bits unsigned long +#endif +#endif + +/* choose a byte order for your hardware */ + +#if !ARCH_LITTLE_ENDIAN +/* ABCD - big endian - motorola */ +union aword { + UWORD_32bits word; + UBYTE_08bits byte[4]; + struct { + unsigned int byte0:8; + unsigned int byte1:8; + unsigned int byte2:8; + unsigned int byte3:8; + } w; +}; +#endif /* !ARCH_LITTLE_ENDIAN */ + +#if ARCH_LITTLE_ENDIAN +/* DCBA - little endian - intel */ +union aword { + UWORD_32bits word; + UBYTE_08bits byte[4]; + struct { + unsigned int byte3:8; + unsigned int byte2:8; + unsigned int byte1:8; + unsigned int byte0:8; + } w; +}; + +#endif /* ARCH_LITTLE_ENDIAN */ + +#endif diff -urN john-1.6.orig/src/byteorder.h john-1.6/src/byteorder.h --- john-1.6.orig/src/byteorder.h 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/byteorder.h 2004-05-19 07:58:58.000000000 +0930 @@ -0,0 +1,274 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + SMB Byte handling + Copyright (C) Andrew Tridgell 1992-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#ifndef _BYTEORDER_H +#define _BYTEORDER_H + +/* + This file implements macros for machine independent short and + int manipulation + +Here is a description of this file that I emailed to the samba list once: + +> I am confused about the way that byteorder.h works in Samba. I have +> looked at it, and I would have thought that you might make a distinction +> between LE and BE machines, but you only seem to distinguish between 386 +> and all other architectures. +> +> Can you give me a clue? + +sure. + +The distinction between 386 and other architectures is only there as +an optimisation. You can take it out completely and it will make no +difference. The routines (macros) in byteorder.h are totally byteorder +independent. The 386 optimsation just takes advantage of the fact that +the x86 processors don't care about alignment, so we don't have to +align ints on int boundaries etc. If there are other processors out +there that aren't alignment sensitive then you could also define +CAREFUL_ALIGNMENT=0 on those processors as well. + +Ok, now to the macros themselves. I'll take a simple example, say we +want to extract a 2 byte integer from a SMB packet and put it into a +type called uint16 that is in the local machines byte order, and you +want to do it with only the assumption that uint16 is _at_least_ 16 +bits long (this last condition is very important for architectures +that don't have any int types that are 2 bytes long) + +You do this: + +#define CVAL(buf,pos) (((unsigned char *)(buf))[pos]) +#define PVAL(buf,pos) ((unsigned)CVAL(buf,pos)) +#define SVAL(buf,pos) (PVAL(buf,pos)|PVAL(buf,(pos)+1)<<8) + +then to extract a uint16 value at offset 25 in a buffer you do this: + +char *buffer = foo_bar(); +uint16 xx = SVAL(buffer,25); + +We are using the byteoder independence of the ANSI C bitshifts to do +the work. A good optimising compiler should turn this into efficient +code, especially if it happens to have the right byteorder :-) + +I know these macros can be made a bit tidier by removing some of the +casts, but you need to look at byteorder.h as a whole to see the +reasoning behind them. byteorder.h defines the following macros: + +SVAL(buf,pos) - extract a 2 byte SMB value +IVAL(buf,pos) - extract a 4 byte SMB value +SVALS(buf,pos) signed version of SVAL() +IVALS(buf,pos) signed version of IVAL() + +SSVAL(buf,pos,val) - put a 2 byte SMB value into a buffer +SIVAL(buf,pos,val) - put a 4 byte SMB value into a buffer +SSVALS(buf,pos,val) - signed version of SSVAL() +SIVALS(buf,pos,val) - signed version of SIVAL() + +RSVAL(buf,pos) - like SVAL() but for NMB byte ordering +RSVALS(buf,pos) - like SVALS() but for NMB byte ordering +RIVAL(buf,pos) - like IVAL() but for NMB byte ordering +RIVALS(buf,pos) - like IVALS() but for NMB byte ordering +RSSVAL(buf,pos,val) - like SSVAL() but for NMB ordering +RSIVAL(buf,pos,val) - like SIVAL() but for NMB ordering +RSIVALS(buf,pos,val) - like SIVALS() but for NMB ordering + +it also defines lots of intermediate macros, just ignore those :-) + +*/ + +/* some switch macros that do both store and read to and from SMB buffers */ + +#define RW_PCVAL(read,inbuf,outbuf,len) \ + { if (read) { PCVAL (inbuf,0,outbuf,len); } \ + else { PSCVAL(inbuf,0,outbuf,len); } } + +#define RW_PIVAL(read,big_endian,inbuf,outbuf,len) \ + { if (read) { if (big_endian) { RPIVAL(inbuf,0,outbuf,len); } else { PIVAL(inbuf,0,outbuf,len); } } \ + else { if (big_endian) { RPSIVAL(inbuf,0,outbuf,len); } else { PSIVAL(inbuf,0,outbuf,len); } } } + +#define RW_PSVAL(read,big_endian,inbuf,outbuf,len) \ + { if (read) { if (big_endian) { RPSVAL(inbuf,0,outbuf,len); } else { PSVAL(inbuf,0,outbuf,len); } } \ + else { if (big_endian) { RPSSVAL(inbuf,0,outbuf,len); } else { PSSVAL(inbuf,0,outbuf,len); } } } + +#define RW_CVAL(read, inbuf, outbuf, offset) \ + { if (read) { (outbuf) = CVAL (inbuf,offset); } \ + else { SCVAL(inbuf,offset,outbuf); } } + +#define RW_IVAL(read, big_endian, inbuf, outbuf, offset) \ + { if (read) { (outbuf) = ((big_endian) ? RIVAL(inbuf,offset) : IVAL (inbuf,offset)); } \ + else { if (big_endian) { RSIVAL(inbuf,offset,outbuf); } else { SIVAL(inbuf,offset,outbuf); } } } + +#define RW_SVAL(read, big_endian, inbuf, outbuf, offset) \ + { if (read) { (outbuf) = ((big_endian) ? RSVAL(inbuf,offset) : SVAL (inbuf,offset)); } \ + else { if (big_endian) { RSSVAL(inbuf,offset,outbuf); } else { SSVAL(inbuf,offset,outbuf); } } } + +#undef CAREFUL_ALIGNMENT + +/* we know that the 386 can handle misalignment and has the "right" + byteorder */ +#ifdef __i386__ +#define CAREFUL_ALIGNMENT 0 +#endif + +#ifndef CAREFUL_ALIGNMENT +#define CAREFUL_ALIGNMENT 1 +#endif + +#define CVAL(buf,pos) (((unsigned char *)(buf))[pos]) +#define PVAL(buf,pos) ((unsigned)CVAL(buf,pos)) +#define SCVAL(buf,pos,val) (CVAL(buf,pos) = (val)) + + +#if CAREFUL_ALIGNMENT + +#define SVAL(buf,pos) (PVAL(buf,pos)|PVAL(buf,(pos)+1)<<8) +#define IVAL(buf,pos) (SVAL(buf,pos)|SVAL(buf,(pos)+2)<<16) +#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8) +#define SIVALX(buf,pos,val) (SSVALX(buf,pos,val&0xFFFF),SSVALX(buf,pos+2,val>>16)) +#define SVALS(buf,pos) ((int16)SVAL(buf,pos)) +#define IVALS(buf,pos) ((int32)IVAL(buf,pos)) +#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((uint16)(val))) +#define SIVAL(buf,pos,val) SIVALX((buf),(pos),((uint32)(val))) +#define SSVALS(buf,pos,val) SSVALX((buf),(pos),((int16)(val))) +#define SIVALS(buf,pos,val) SIVALX((buf),(pos),((int32)(val))) + +#else /* CAREFUL_ALIGNMENT */ + +/* this handles things for architectures like the 386 that can handle + alignment errors */ +/* + WARNING: This section is dependent on the length of int16 and int32 + being correct +*/ + +/* get single value from an SMB buffer */ +#define SVAL(buf,pos) (*(const uint16 *)((const char *)(buf) + (pos))) +#define IVAL(buf,pos) (*(const uint32 *)((const char *)(buf) + (pos))) +#define SVALS(buf,pos) (*(const int16 *)((const char *)(buf) + (pos))) +#define IVALS(buf,pos) (*(const int32 *)((const char *)(buf) + (pos))) + +/* store single value in an SMB buffer */ +#define SVALMOD(buf,pos) (*(uint16 *)((char *)(buf) + (pos))) +#define IVALMOD(buf,pos) (*(uint32 *)((char *)(buf) + (pos))) +#define SVALSMOD(buf,pos) (*(int16 *)((char *)(buf) + (pos))) +#define IVALSMOD(buf,pos) (*(int32 *)((char *)(buf) + (pos))) + +#define SSVAL(buf,pos,val) SVALMOD(buf,pos)=((uint16)(val)) +#define SIVAL(buf,pos,val) IVALMOD(buf,pos)=((uint32)(val)) +#define SSVALS(buf,pos,val) SVALSMOD(buf,pos)=((int16)(val)) +#define SIVALS(buf,pos,val) IVALSMOD(buf,pos)=((int32)(val)) + +#endif /* CAREFUL_ALIGNMENT */ + +/* macros for reading / writing arrays */ + +#define SMBMACRO(macro,buf,pos,val,len,size) \ +{ uint32 l; for (l = 0; l < (uint32)(len); l++) (val)[l] = macro((buf), (pos) + (size)*l); } + +#define SSMBMACRO(macro,buf,pos,val,len,size) \ +{ uint32 l; for (l = 0; l < (uint32)(len); l++) macro((buf), (pos) + (size)*l, (val)[l]); } + +/* reads multiple data from an SMB buffer */ +#define PCVAL(buf,pos,val,len) SMBMACRO(CVAL,buf,pos,val,len,1) +#define PSVAL(buf,pos,val,len) SMBMACRO(SVAL,buf,pos,val,len,2) +#define PIVAL(buf,pos,val,len) SMBMACRO(IVAL,buf,pos,val,len,4) +#define PCVALS(buf,pos,val,len) SMBMACRO(CVALS,buf,pos,val,len,1) +#define PSVALS(buf,pos,val,len) SMBMACRO(SVALS,buf,pos,val,len,2) +#define PIVALS(buf,pos,val,len) SMBMACRO(IVALS,buf,pos,val,len,4) + +/* stores multiple data in an SMB buffer */ +#define PSCVAL(buf,pos,val,len) SSMBMACRO(SCVAL,buf,pos,val,len,1) +#define PSSVAL(buf,pos,val,len) SSMBMACRO(SSVAL,buf,pos,val,len,2) +#define PSIVAL(buf,pos,val,len) SSMBMACRO(SIVAL,buf,pos,val,len,4) +#define PSCVALS(buf,pos,val,len) SSMBMACRO(SCVALS,buf,pos,val,len,1) +#define PSSVALS(buf,pos,val,len) SSMBMACRO(SSVALS,buf,pos,val,len,2) +#define PSIVALS(buf,pos,val,len) SSMBMACRO(SIVALS,buf,pos,val,len,4) + + +/* now the reverse routines - these are used in nmb packets (mostly) */ +#define SREV(x) ((((x)&0xFF)<<8) | (((x)>>8)&0xFF)) +#define IREV(x) ((SREV(x)<<16) | (SREV((x)>>16))) + +#define RSVAL(buf,pos) SREV(SVAL(buf,pos)) +#define RSVALS(buf,pos) SREV(SVALS(buf,pos)) +#define RIVAL(buf,pos) IREV(IVAL(buf,pos)) +#define RIVALS(buf,pos) IREV(IVALS(buf,pos)) +#define RSSVAL(buf,pos,val) SSVAL(buf,pos,SREV(val)) +#define RSSVALS(buf,pos,val) SSVALS(buf,pos,SREV(val)) +#define RSIVAL(buf,pos,val) SIVAL(buf,pos,IREV(val)) +#define RSIVALS(buf,pos,val) SIVALS(buf,pos,IREV(val)) + +/* reads multiple data from an SMB buffer (big-endian) */ +#define RPSVAL(buf,pos,val,len) SMBMACRO(RSVAL,buf,pos,val,len,2) +#define RPIVAL(buf,pos,val,len) SMBMACRO(RIVAL,buf,pos,val,len,4) +#define RPSVALS(buf,pos,val,len) SMBMACRO(RSVALS,buf,pos,val,len,2) +#define RPIVALS(buf,pos,val,len) SMBMACRO(RIVALS,buf,pos,val,len,4) + +/* stores multiple data in an SMB buffer (big-endian) */ +#define RPSSVAL(buf,pos,val,len) SSMBMACRO(RSSVAL,buf,pos,val,len,2) +#define RPSIVAL(buf,pos,val,len) SSMBMACRO(RSIVAL,buf,pos,val,len,4) +#define RPSSVALS(buf,pos,val,len) SSMBMACRO(RSSVALS,buf,pos,val,len,2) +#define RPSIVALS(buf,pos,val,len) SSMBMACRO(RSIVALS,buf,pos,val,len,4) + +#define DBG_RW_PCVAL(charmode,string,depth,base,read,inbuf,outbuf,len) \ + { RW_PCVAL(read,inbuf,outbuf,len) \ + DEBUG(5,("%s%04x %s: ", \ + tab_depth(depth), base,string)); \ + if (charmode) print_asc(5, (unsigned char*)(outbuf), (len)); else \ + { uint32 idx; for (idx = 0; idx < len; idx++) { DEBUG(5,("%02x ", (outbuf)[idx])); } } \ + DEBUG(5,("\n")); } + +#define DBG_RW_PSVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \ + { RW_PSVAL(read,big_endian,inbuf,outbuf,len) \ + DEBUG(5,("%s%04x %s: ", \ + tab_depth(depth), base,string)); \ + if (charmode) print_asc(5, (unsigned char*)(outbuf), 2*(len)); else \ + { uint32 idx; for (idx = 0; idx < len; idx++) { DEBUG(5,("%04x ", (outbuf)[idx])); } } \ + DEBUG(5,("\n")); } + +#define DBG_RW_PIVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \ + { RW_PIVAL(read,big_endian,inbuf,outbuf,len) \ + DEBUG(5,("%s%04x %s: ", \ + tab_depth(depth), base,string)); \ + if (charmode) print_asc(5, (unsigned char*)(outbuf), 4*(len)); else \ + { uint32 idx; for (idx = 0; idx < len; idx++) { DEBUG(5,("%08x ", (outbuf)[idx])); } } \ + DEBUG(5,("\n")); } + +#define DBG_RW_CVAL(string,depth,base,read,inbuf,outbuf) \ + { RW_CVAL(read,inbuf,outbuf,0) \ + DEBUG(5,("%s%04x %s: %02x\n", \ + tab_depth(depth), base, string, outbuf)); } + +#define DBG_RW_SVAL(string,depth,base,read,big_endian,inbuf,outbuf) \ + { RW_SVAL(read,big_endian,inbuf,outbuf,0) \ + DEBUG(5,("%s%04x %s: %04x\n", \ + tab_depth(depth), base, string, outbuf)); } + +#define DBG_RW_IVAL(string,depth,base,read,big_endian,inbuf,outbuf) \ + { RW_IVAL(read,big_endian,inbuf,outbuf,0) \ + DEBUG(5,("%s%04x %s: %08x\n", \ + tab_depth(depth), base, string, outbuf)); } + +/* Alignment macros. */ +#define ALIGN4(p,base) ((p) + ((4 - (PTR_DIFF((p), (base)) & 3)) & 3)) +#define ALIGN2(p,base) ((p) + ((2 - (PTR_DIFF((p), (base)) & 1)) & 1)) + +#endif /* _BYTEORDER_H */ diff -urN john-1.6.orig/src/john.c john-1.6/src/john.c --- john-1.6.orig/src/john.c 1998-12-03 09:59:50.000000000 +0930 +++ john-1.6/src/john.c 2004-05-20 09:13:08.326484560 +0930 @@ -37,10 +37,12 @@ #endif extern struct fmt_main fmt_DES, fmt_BSDI, fmt_MD5, fmt_BF; -extern struct fmt_main fmt_AFS, fmt_LM; +extern struct fmt_main fmt_AFS, fmt_LM, fmt_NT; +extern struct fmt_main fmt_MYSQL, fmt_SKEY, fmt_KRB4, fmt_BFEgg; extern int unshadow(int argc, char **argv); extern int unafs(int argc, char **argv); +extern int undrop(int argc, char **argv); extern int unique(int argc, char **argv); static struct db_main database; @@ -58,12 +60,17 @@ { if (options.format) strlwr(options.format); + john_register_one(&fmt_BFEgg); john_register_one(&fmt_DES); john_register_one(&fmt_BSDI); john_register_one(&fmt_MD5); john_register_one(&fmt_BF); john_register_one(&fmt_AFS); john_register_one(&fmt_LM); + john_register_one(&fmt_NT); + john_register_one(&fmt_MYSQL); + john_register_one(&fmt_SKEY); + john_register_one(&fmt_KRB4); if (!fmt_list) { fprintf(stderr, "Unknown ciphertext format name requested\n"); @@ -276,6 +283,9 @@ if (!strcmp(name, "unique")) return unique(argc, argv); + if (!strcmp(name, "undrop")) + return undrop(argc, argv); + fprintf(stderr, "Sorry, I can't find myself\n"); return 1; } diff -urN john-1.6.orig/src/loader.c john-1.6/src/loader.c --- john-1.6.orig/src/loader.c 1998-12-03 09:59:50.000000000 +0930 +++ john-1.6/src/loader.c 2004-05-19 08:00:14.000000000 +0930 @@ -18,6 +18,7 @@ #include "signals.h" #include "formats.h" #include "loader.h" +#include "options.h" /* * Flags for read_file(). @@ -183,7 +184,7 @@ static int ldr_split_line(char **login, char **ciphertext, char **gecos, char **home, char *source, struct fmt_main **format, - struct db_options *options, char *line) + struct db_options *db_options, char *line) { char *uid = NULL, *gid = NULL, *shell = NULL; char *tmp; @@ -206,10 +207,27 @@ if (!strncmp(*ciphertext, "NO PASSWORD", 11)) *ciphertext = ""; + /* NT loader hack starts here ! */ + + if (options.format && (strncmp(options.format, "nt", 2)==0)) { + + tmp = ldr_get_field(&line); + *ciphertext = tmp; + + if (!strncmp(*ciphertext, "NO PASSWORD", 11)) + *ciphertext = ""; + else { + *ciphertext -= 4; + strncpy(*ciphertext,"$NT$",4); + } + } + + /* NT loader hack ends here ! */ + if (source) sprintf(source, "%s:%s", uid, line); } - if (options->flags & DB_WORDS || options->shells->head) { + if (db_options->flags & DB_WORDS || db_options->shells->head) { gid = ldr_get_field(&line); do { *gecos = ldr_get_field(&line); @@ -218,13 +236,13 @@ } while (!**gecos && !strcmp(*home, "0") && !strcmp(shell, "0")); } else - if (options->groups->head) { + if (db_options->groups->head) { gid = ldr_get_field(&line); } - if (ldr_check_list(options->users, *login, uid)) return 0; - if (ldr_check_list(options->groups, gid, gid)) return 0; - if (ldr_check_shells(options->shells, shell)) return 0; + if (ldr_check_list(db_options->users, *login, uid)) return 0; + if (ldr_check_list(db_options->groups, gid, gid)) return 0; + if (ldr_check_shells(db_options->shells, shell)) return 0; if (*format) return (*format)->methods.valid(*ciphertext); diff -urN john-1.6.orig/src/md4.c john-1.6/src/md4.c --- john-1.6.orig/src/md4.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/md4.c 2004-05-19 07:58:58.000000000 +0930 @@ -0,0 +1,187 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + a implementation of MD4 designed for use in the SMB authentication protocol + Copyright (C) Andrew Tridgell 1997-1998. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include + + +#ifndef uchar +#define uchar unsigned char +#endif + +#if !defined(uint16) && !defined(HAVE_UINT16_FROM_RPC_RPC_H) +#if (SIZEOF_SHORT == 4) +#define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16; +#else /* SIZEOF_SHORT != 4 */ +#define uint16 unsigned short +#endif /* SIZEOF_SHORT != 4 */ +#endif + +#ifndef uint32 +#define uint32 unsigned int +#endif + +/* NOTE: This code makes no attempt to be fast! + + It assumes that a int is at least 32 bits long +*/ + +static uint32 A, B, C, D; + +static uint32 F(uint32 X, uint32 Y, uint32 Z) +{ + return (X&Y) | ((~X)&Z); +} + +static uint32 G(uint32 X, uint32 Y, uint32 Z) +{ + return (X&Y) | (X&Z) | (Y&Z); +} + +static uint32 H(uint32 X, uint32 Y, uint32 Z) +{ + return X^Y^Z; +} + +static uint32 lshift(uint32 x, int s) +{ + x &= 0xFFFFFFFF; + return ((x<>(32-s)); +} + +#define ROUND1(a,b,c,d,k,s) a = lshift(a + F(b,c,d) + X[k], s) +#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (uint32)0x5A827999,s) +#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32)0x6ED9EBA1,s) + +/* this applies md4 to 64 byte chunks */ +static void mdfour64(uint32 *M) +{ + int j; + uint32 AA, BB, CC, DD; + uint32 X[16]; + + for (j=0;j<16;j++) + X[j] = M[j]; + + AA = A; BB = B; CC = C; DD = D; + + ROUND1(A,B,C,D, 0, 3); ROUND1(D,A,B,C, 1, 7); + ROUND1(C,D,A,B, 2, 11); ROUND1(B,C,D,A, 3, 19); + ROUND1(A,B,C,D, 4, 3); ROUND1(D,A,B,C, 5, 7); + ROUND1(C,D,A,B, 6, 11); ROUND1(B,C,D,A, 7, 19); + ROUND1(A,B,C,D, 8, 3); ROUND1(D,A,B,C, 9, 7); + ROUND1(C,D,A,B, 10, 11); ROUND1(B,C,D,A, 11, 19); + ROUND1(A,B,C,D, 12, 3); ROUND1(D,A,B,C, 13, 7); + ROUND1(C,D,A,B, 14, 11); ROUND1(B,C,D,A, 15, 19); + + ROUND2(A,B,C,D, 0, 3); ROUND2(D,A,B,C, 4, 5); + ROUND2(C,D,A,B, 8, 9); ROUND2(B,C,D,A, 12, 13); + ROUND2(A,B,C,D, 1, 3); ROUND2(D,A,B,C, 5, 5); + ROUND2(C,D,A,B, 9, 9); ROUND2(B,C,D,A, 13, 13); + ROUND2(A,B,C,D, 2, 3); ROUND2(D,A,B,C, 6, 5); + ROUND2(C,D,A,B, 10, 9); ROUND2(B,C,D,A, 14, 13); + ROUND2(A,B,C,D, 3, 3); ROUND2(D,A,B,C, 7, 5); + ROUND2(C,D,A,B, 11, 9); ROUND2(B,C,D,A, 15, 13); + + ROUND3(A,B,C,D, 0, 3); ROUND3(D,A,B,C, 8, 9); + ROUND3(C,D,A,B, 4, 11); ROUND3(B,C,D,A, 12, 15); + ROUND3(A,B,C,D, 2, 3); ROUND3(D,A,B,C, 10, 9); + ROUND3(C,D,A,B, 6, 11); ROUND3(B,C,D,A, 14, 15); + ROUND3(A,B,C,D, 1, 3); ROUND3(D,A,B,C, 9, 9); + ROUND3(C,D,A,B, 5, 11); ROUND3(B,C,D,A, 13, 15); + ROUND3(A,B,C,D, 3, 3); ROUND3(D,A,B,C, 11, 9); + ROUND3(C,D,A,B, 7, 11); ROUND3(B,C,D,A, 15, 15); + + A += AA; B += BB; C += CC; D += DD; + + A &= 0xFFFFFFFF; B &= 0xFFFFFFFF; + C &= 0xFFFFFFFF; D &= 0xFFFFFFFF; + + for (j=0;j<16;j++) + X[j] = 0; +} + +static void copy64(uint32 *M, unsigned char *in) +{ + int i; + + for (i=0;i<16;i++) + M[i] = (in[i*4+3]<<24) | (in[i*4+2]<<16) | + (in[i*4+1]<<8) | (in[i*4+0]<<0); +} + +static void copy4(unsigned char *out,uint32 x) +{ + out[0] = x&0xFF; + out[1] = (x>>8)&0xFF; + out[2] = (x>>16)&0xFF; + out[3] = (x>>24)&0xFF; +} + +/* produce a md4 message digest from data of length n bytes */ +void mdfour(unsigned char *out, unsigned char *in, int n) +{ + unsigned char buf[128]; + uint32 M[16]; + uint32 b = n * 8; + int i; + + A = 0x67452301; + B = 0xefcdab89; + C = 0x98badcfe; + D = 0x10325476; + + while (n > 64) { + copy64(M, in); + mdfour64(M); + in += 64; + n -= 64; + } + + for (i=0;i<128;i++) + buf[i] = 0; + memcpy(buf, in, n); + buf[n] = 0x80; + + if (n <= 55) { + copy4(buf+56, b); + copy64(M, buf); + mdfour64(M); + } else { + copy4(buf+120, b); + copy64(M, buf); + mdfour64(M); + copy64(M, buf+64); + mdfour64(M); + } + + for (i=0;i<128;i++) + buf[i] = 0; + copy64(M, buf); + + copy4(out, A); + copy4(out+4, B); + copy4(out+8, C); + copy4(out+12, D); + + A = B = C = D = 0; +} + + diff -urN john-1.6.orig/src/options.c john-1.6/src/options.c --- john-1.6.orig/src/options.c 1998-12-03 09:59:50.000000000 +0930 +++ john-1.6/src/options.c 2004-05-19 08:01:44.000000000 +0930 @@ -58,7 +58,7 @@ {"salts", FLG_SALTS, FLG_SALTS, FLG_PASSWD, OPT_REQ_PARAM, "%d", &options.loader.min_pps}, {"format", FLG_FORMAT, FLG_FORMAT, - FLG_CRACKING_SUP, + 0, FLG_MAKECHARS_CHK | FLG_STDOUT | OPT_REQ_PARAM, OPT_FMT_STR_ALLOC, &options.format}, {"savemem", FLG_SAVEMEM, FLG_SAVEMEM, 0, OPT_REQ_PARAM, @@ -88,7 +88,7 @@ "-shells:[-]SHELL[,..] load users with this (these) shell(s) only\n" \ "-salts:[-]COUNT load salts with at least COUNT passwords only\n" \ "-format:NAME force ciphertext format NAME " \ - "(DES/BSDI/MD5/BF/AFS/LM)\n" \ + "(DES/BSDI/MD5/BF/AFS/LM/NT/MYSQL)\n" \ "-savemem:LEVEL enable memory saving, at LEVEL 1..3\n" void opt_init(int argc, char **argv) diff -urN john-1.6.orig/src/params.h john-1.6/src/params.h --- john-1.6.orig/src/params.h 1998-12-03 09:59:50.000000000 +0930 +++ john-1.6/src/params.h 2004-05-19 07:56:49.000000000 +0930 @@ -53,9 +53,9 @@ * File names. */ #define LOG_NAME "~/john.pot" -#define CFG_NAME "~/john.ini" +#define CFG_NAME "/etc/john.ini" #define RECOVERY_NAME "~/restore" -#define WORDLIST_NAME "~/password.lst" +#define WORDLIST_NAME "/usr/share/john/password.lst" /* * Configuration file section names. diff -urN john-1.6.orig/src/smbencrypt.c john-1.6/src/smbencrypt.c --- john-1.6.orig/src/smbencrypt.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/smbencrypt.c 2004-05-19 07:58:58.000000000 +0930 @@ -0,0 +1,105 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + SMB parameters and setup + Copyright (C) Andrew Tridgell 1992-1998 + Modified by Jeremy Allison 1995. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + + +#include + + +#ifndef uchar +#define uchar unsigned char +#endif + +#if !defined(uint16) && !defined(HAVE_UINT16_FROM_RPC_RPC_H) +#if (SIZEOF_SHORT == 4) +#define uint16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16; +#else /* SIZEOF_SHORT != 4 */ +#define uint16 unsigned short +#endif /* SIZEOF_SHORT != 4 */ +#endif + +#if !defined(int16) && !defined(HAVE_INT16_FROM_RPC_RPC_H) +#if (SIZEOF_SHORT == 4) +#define int16 __ERROR___CANNOT_DETERMINE_TYPE_FOR_INT16; +#else /* SIZEOF_SHORT != 4 */ +#define int16 short +#endif /* SIZEOF_SHORT != 4 */ +#endif + +#include "byteorder.h" + +extern void mdfour(unsigned char *out, unsigned char *in, int n); + + +/* Routines for Windows NT MD4 Hash functions. */ +static int _my_wcslen(int16 *str) +{ + int len = 0; + while(*str++ != 0) + len++; + return len; +} + +/* + * Convert a string into an NT UNICODE string. + * Note that regardless of processor type + * this must be in intel (little-endian) + * format. + */ + +static int _my_mbstowcs(int16 *dst, uchar *src, int len) +{ + int i; + int16 val; + + for(i = 0; i < len; i++) { + val = *src; + SSVAL(dst,0,val); + dst++; + src++; + if(val == 0) + break; + } + return i; +} + +/* + * Creates the MD4 Hash of the users password in NT UNICODE. + */ + +void E_md4hash(uchar *passwd, uchar *p16) +{ + int len; + int16 wpwd[129]; + + /* Password cannot be longer than 128 characters */ + len = strlen((char *)passwd); + if(len > 128) + len = 128; + /* Password must be converted to NT unicode */ + _my_mbstowcs(wpwd, passwd, len); + wpwd[len] = 0; /* Ensure string is null terminated */ + /* Calculate length in bytes */ + len = _my_wcslen(wpwd) * sizeof(int16); + + mdfour(p16, (unsigned char *)wpwd, len); +} + diff -urN john-1.6.orig/src/tgtsnarf.c john-1.6/src/tgtsnarf.c --- john-1.6.orig/src/tgtsnarf.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/tgtsnarf.c 2004-05-19 08:08:10.000000000 +0930 @@ -0,0 +1,279 @@ +/* + tgtsnarf + + Collect AFS/Kerberos TGTs for later offline dictionary attack. + + Copyright (c) 1999 Dug Song + All rights reserved, all wrongs reversed. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of author may not be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define VERSION "1.2" +#define TGT_LENGTH 16 + +#ifndef MIN +#define MIN(a,b) (((a)<(b))?(a):(b)) +#endif + +typedef struct ktext_st { + u_int length; + u_char dat[1250]; +} KTEXT_ST; + +int AFS = 0; + +void +usage(void) +{ + fprintf(stderr, "Usage: tgtsnarf [-A] realm host [users...]\n"); + exit(1); +} + +u_long +resolve_host(char *host) +{ + u_long addr; + struct hostent *hp; + + if ((addr = inet_addr(host)) == -1) { + if ((hp = gethostbyname(host)) == NULL) + return (-1); + memcpy((char *)&addr, hp->h_addr, sizeof(addr)); + } + return (addr); +} + +int +krb_put_int(u_long from, void *to, int size) +{ + int i; + u_char *p = (u_char *)to; + + for (i = size - 1; i >= 0; i--) { + p[i] = from & 0xff; + from >>= 8; + } + return (size); +} + +int +krb_put_string(char *from, void *to) +{ + strcpy((char *)to, from); + return (strlen(from) + 1); +} + +int +make_req(u_char *dst, char *user, char *realm) +{ + char *pname, *pinst; + struct timeval tv; + u_char *p; + + if ((pname = strdup(user)) == NULL) + return (-1); + + if ((pinst = strchr(pname, '.')) != NULL) + *pinst++ = '\0'; + else pinst = pname + strlen(pname); + + gettimeofday(&tv, NULL); + + p = dst; + p += krb_put_int(4, p, 1); /* protocol version */ + p += krb_put_int((1 << 1), p, 1); /* msg type (KDC_REQUEST) */ + p += krb_put_string(pname, p); /* principal name */ + p += krb_put_string(pinst, p); /* principal instance */ + p += krb_put_string(realm, p); /* realm */ + p += krb_put_int(tv.tv_sec, p, 4); /* time */ + p += krb_put_int(120, p, 1); /* lifetime (120) */ + p += krb_put_string("krbtgt", p); /* service name (krbtgt)*/ + p += krb_put_string(realm, p); /* service instance (realm) */ + + free(pname); + + return (p - dst); +} + +int +find_tkt(KTEXT_ST *ktext, u_char *dst, int size) +{ + u_char *p; + int type, len; + + p = ktext->dat; + p += 1; /* version */ + type = *p++; + type &= ~1; /* msg type */ + + if (type != (2 << 1)) /* KDC_REPLY */ + return (-1); + + p += strlen((char*)p) + 1; /* name */ + p += strlen((char*)p) + 1; /* instance */ + p += strlen((char*)p) + 1; /* realm */ + p += 4; /* time */ + p += 1; /* # tickets */ + p += 4; /* exp date */ + p += 1; /* master kvno */ + p += 2; /* length */ + + len = MIN(ktext->length - (p - ktext->dat), size); + memcpy(dst, p, len); + + return (len); +} + +int +fetch_tgt(char *host, char *user, char *realm, u_char *dst, int size) +{ + struct sockaddr_in from, to; + KTEXT_ST ktext; + int sock, alen; + + /* Fill in dest addr. */ + memset(&to, 0, sizeof(to)); + if ((to.sin_addr.s_addr = resolve_host(host)) == -1) { + fprintf(stderr, "bad host: %s\n", host); + return (-1); + } + to.sin_family = AF_INET; + to.sin_port = htons(750); + + /* Fill in our TGT request. */ + ktext.length = make_req(ktext.dat, user, realm); + + /* Send it to KDC. */ + if ((sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) { + perror("socket"); + return (-1); + } + alen = sizeof(to); + if (sendto(sock, ktext.dat, ktext.length, 0, (struct sockaddr *)&to, alen) + < 0) { + perror("send"); + close(sock); + return (-1); + } + /* Read reply. */ + if ((ktext.length = recvfrom(sock, ktext.dat, sizeof(ktext.dat), 0, + (struct sockaddr *)&from, &alen)) <= 0) { + perror("recv"); + close(sock); + return (-1); + } + close(sock); + + /* Extract TGT. */ + return (find_tkt(&ktext, dst, size)); +} + +void +print_tgt(char *host, char *user, char *realm) +{ + u_char tgt[TGT_LENGTH]; + int i, len; + + if ((len = fetch_tgt(host, user, realm, tgt, sizeof(tgt))) == -1) { + fprintf(stderr, "==> couldn't get tgt for %s@%s\n", user, realm); + } + else { + printf("%s:$%s$%s$", user, AFS ? "af" : "k4", realm); + + for (i = 0; i < len; i++) + printf("%.2x", tgt[i]); + + printf("\n"); + } +} + +char * +upcase(char *string) +{ + char *p; + + for (p = string; *p != '\0'; p++) + *p = toupper(*p); + + return (string); +} + +int +main(int argc, char *argv[]) +{ + char c, *p, *host, *realm, user[128]; + int i; + + host = realm = NULL; + + while ((c = getopt(argc, argv, "h?AV")) != EOF) { + switch (c) { + case 'A': + AFS = 1; + break; + case 'V': + fprintf(stderr, "Version: %s\n", VERSION); + usage(); + break; + default: + usage(); + } + } + argc -= optind; + argv += optind; + + if (argc < 2) + usage(); + + realm = upcase(argv[0]); + host = argv[1]; + + if (argc == 2) { + while (fgets(user, sizeof(user), stdin) != NULL) { + if ((p = strrchr(user, '\n')) != NULL) + *p = '\0'; + print_tgt(host, user, realm); + } + } + else { + for (i = 2; i < argc; i++) + print_tgt(host, argv[i], realm); + } + exit(0); +} + +/* 5000 */ diff -urN john-1.6.orig/src/undrop.c john-1.6/src/undrop.c --- john-1.6.orig/src/undrop.c 1970-01-01 09:30:00.000000000 +0930 +++ john-1.6/src/undrop.c 2004-05-19 08:16:06.000000000 +0930 @@ -0,0 +1,110 @@ +/* + * Eggdrop userfile converter + * Copyright (c) 2002 by Sun-Zero + * This is a free software distributable under terms of the GNU GPL. + * See the file COPYING for details. + * + * 2002-04-06 +*/ + +#include +#include +#include + + +#define USERFILE_HEADER "#4v:" +#define USERNAME_LENGTH 11 +#define PASSWORD_LENGTH 13 +#define MAX_FLAGS_LENGTH 32 +#define BUFSIZE 512 + +int readline( FILE *fd, char *rbuf ) { + char c; + int p = 0, rval; + + do + { + rval = fread(&c, 1, 1, fd); + rbuf[p++] = c; + }while( c != EOF && c != '\n' && p + 1 < BUFSIZE && rval == 1 && + !feof(fd) && !ferror(fd) + ); + + rbuf[p] = '\0'; + if( rval != 1 ) + { + p--; + rbuf[p] = '\0'; + return( rval ); + } + + return( p ); +} + + +int undrop(int argc, char *argv[]) { + + FILE *userfile; + char username[USERNAME_LENGTH]; + char password[PASSWORD_LENGTH]; + char flags[MAX_FLAGS_LENGTH]; + char t_username[512]; + char t_flags[512]; + char t_line[BUFSIZE]; + int t_lines; + + char temp_char; + if (argc != 2) { + userfile = stdin; + printf("# userfile reading from stdin\n"); + } else { + userfile = fopen(argv[1], "r"); + if (userfile == NULL) { + fprintf(stderr, "opening userfile\n"); + userfile = stdin; + } + } + + + memset(&t_line, 0, sizeof(t_line)); + t_lines = readline(userfile, t_line); + if (strncmp(t_line, USERFILE_HEADER, strlen(USERFILE_HEADER)) != 0) { + fprintf(stderr, "usefile format is wrong\n"); + return -1; + } else { + printf("# userfile format OK\n\n"); + } + + while (t_lines != 0) { + memset(&t_username, 0, sizeof(t_username)); + memset(&t_flags, 0, sizeof(t_flags)); + memset(&t_line, 0, sizeof(t_line)); + + t_lines = readline(userfile, t_line); + + temp_char = sscanf(t_line, "%10s - %24s\n", t_username, t_flags); + + if (temp_char == 2) { + if (strncmp(t_username, "! ", 2) != 0 && + strncmp(t_username, "--", 2) != 0 && + strncmp(t_username, "&&", 2) != 0 && + strncmp(t_username, "::", 2) != 0 && + strncmp(t_username, "$$", 2) != 0 + ) { + strncpy(username, t_username, USERNAME_LENGTH); + strncpy(flags, t_flags, MAX_FLAGS_LENGTH); + } + } + if (strncmp(t_line, "--PASS +", 8) == 0) { + sscanf(t_line, "--PASS %s", password); + printf("%s:%s:::%s:\n", username, password, flags); + + memset(&username, 0, sizeof(username)); + memset(&flags, 0, sizeof(flags)); + memset(&password, 0, sizeof(password)); + } + fflush(stdout); + } + fclose(userfile); + return 0; +}