accept no compromises

Register | Login

FilesNewsUsersAuthors

Home Files News About Contact Add New

Showing 1 - 25 of 87

Files from Solar Designer

pwgen Crackable Passwords

Posted Jan 18, 2012

Authored by Solar Designer

6% of pwgen passwords generated can get cracked in 2 minutes with NTLM hashes. For the MD5-based crypt(3), NTLM's 2 minutes would translate to 2 days.

tags | advisory

MD5 | 73f292cd5903b6e3d33e6f6e4c1f5af6

Download | Favorite | Comments (0)

John The Ripper 1.7.9 Jumbo 5

Posted Dec 19, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: Support for RADIUS shared secrets and for SHA-0 was added. MSSQL (old and 2005), MySQL (SHA-1 based), and Lotus5 hashing were optimized. OpenMP parallelization was added for Lotus5. x86-64 builds now make use of SSE2 intrinsics for more hash and cipher types. More i-suffixed make targets were added (which use an icc-generated assembly file for SSE2 intrinsics), including for 32-bit x86 builds. An MD4 implementation in assembly for x86/SSE2 and MMX was added. An alternate implementation of NTLM hashing was added (--format=nt2). A binary build for Windows was made.

tags | tool, cracker

systems | windows, unix, beos

MD5 | 492a1be4a95cca51919557622cf956e6

Download | Favorite | Comments (0)

John The Ripper 1.7.9

Posted Nov 27, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: OpenMP parallelization of MD5-crypt and bitslice DES has been added. DES key setup has been reworked. x86-64 assembly code for DES S-boxes has been optimized. Support for DES-based tripcodes has been added. Larger hash table sizes for faster processing of millions of hashes per salt have been added. Detection of Intel AVX and AMD XOP with fallback to an alternate program binary has been added. Fallback to a non-OpenMP build has been added. A benchmark result comparison tool has been added. The bundled common passwords list has been updated. Many minor enhancements and a few bugfixes were made.

tags | tool, cracker

systems | windows, unix, beos

MD5 | 2b448547109db3777d8068145ea69ddf

Download | Favorite | Comments (0)

John The Ripper 1.7.8 Jumbo 8

Posted Nov 10, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: OpenMP support has been added for MD5-based crypt(3) and Apache $apr1$ hashes when building with SSE2 intrinsics, as well as for SAP CODVN B and SAP CODVN G. Raw MD4 has been enhanced with optional SSE2 intrinsics. The SSE2 intrinsics code for MD4, MD5, and SHA-1 has been pre-built with Intel's compiler into an assembly file, used with the new i-suffixed make targets. Support for occasional false positives or multiple correct guesses has been added and made use of for WinZip/AES and CRC-32. md5_gen has been renamed to dynamic. Numerous other fixes and enhancements have been made.

tags | cracker

systems | windows, unix, beos

MD5 | 410035aee95e5855c6d55005645f0af2

Download | Favorite | Comments (0)

John The Ripper 1.7.8 Jumbo 7

Posted Sep 22, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: Support for cracking of encrypted PKZIP archives, Mac OS X 10.7 salted SHA-512 hashes, and DES-based tripcodes has been added. Optional OpenMP parallelization has been added for salted SHA-1 hashes of Mac OS X 10.4-10.6. DIGEST-MD5 cracker has been revised to be usable without requiring source code customizations. Experimental support for dynamically loaded plugins has been added. ".include" directive support and duplicate rule suppression have been added for john.conf. Support for additional character encodings and related features has been added. Numerous other enhancements have been made.

tags | cracker

systems | windows, unix, beos

MD5 | d9e55ce5c756436259f4c62bb237474b

Download | Favorite | Comments (0)

John The Ripper 1.7.8 Jumbo 5

Posted Aug 4, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: Support for more character encodings via the new "--encoding" option has been added (currently UTF-8, ISO-8859-1, koi8-r, and cp1251). Support for raw SHA-224, SHA-256, SHA-384, and SHA-512 hashes has been added. The Makefile has been revised to work with Solaris native make again.

tags | cracker

systems | windows, unix, beos

MD5 | 64c3d8d2ca4c54c6d246fe7da3eb3c36

Download | Favorite | Comments (0)

John The Ripper 1.7.8 Jumbo 4

Posted Jul 24, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: Support for compile-time plugins has been introduced to make it easy to create non-conflicting source code patches adding new hash and cipher types. Performance at MSCash2 (Domain Cached Credentials of modern Windows systems) has been improved through the use of SSE2. "Generic MD5" code has been enhanced to provide more of the MD5 and SHA-1 based hash types under more build targets. WinZip/AES cracker has been enhanced with optional OpenMP parallelization.

tags | cracker

systems | windows, unix, beos

MD5 | b4a8064a30bc2c16f071b94fd8c14d3c

Download | Favorite | Comments (0)

John The Ripper 1.7.8 Jumbo 2

Posted Jul 5, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: The jumbo patch has been rebased to 1.7.8. Support for cracking password-protected WinZip archives with AES encryption has been added. Compile-time detection of OpenSSL 0.9.8+ has been added, automatically enabling support for Sybase ASE and hmailserver hashes. The performance on MSCash2 (Domain Cached Credentials of modern Windows systems) has been improved. Other minor performance and portability improvements have been made.

tags | cracker

systems | windows, unix, beos

MD5 | b1be67933c5226c931c672b3e2d16963

Download | Favorite | Comments (0)

John The Ripper 1.7.8

Posted Jun 24, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: The bitslice DES S-box expressions and code have been replaced, reducing the gate count by 17% and typically speeding up DES-based crypt(3) cracking by 13%. Support for bcrypt hashes of passwords containing non-ASCII characters has been corrected, and a backwards compatibility feature for broken bcrypt hashes of such passwords has been added. Various other improvements have also been made.

tags | cracker

systems | windows, unix, beos

MD5 | 0bd21b4c430b114f81db0bf952db4a71

Download | Favorite | Comments (0)

John The Ripper 1.7.7 Jumbo 6

Posted Jun 9, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: Support for cracking OpenSSH's passphrase-protected SSH protocol 2 private keys (with OpenMP parallelization), password-protected PDF files with RC4 encryption, and some password-protected RAR archives has been added. Support for SybaseASE, hmailserver, and MediaWiki "B" type password hashes has been added. There were also many minor enhancements.

tags | cracker

systems | windows, unix, beos

MD5 | 5f58b600c6332ab8234fd40d842caed8

Download | Favorite | Comments (0)

John The Ripper 1.7.7 Jumbo 5

Posted Jun 3, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: MD5 and SHA-1 based hashes have been sped up with SSE2 intrinsics. md5_gen has been expanded with more hash types. UTF-8 support has been added ("--utf8"). MPI parallelization support for all cracking modes has been integrated. OpenMP parallelization support has been added to more hash types. New formats have been added: mskrb5 (offline attack on MS Kerberos 5 pre-authentication data), rawMD5unicode (MD5 of UCS-2 encoded plaintext), and salted_sha1 (faster handling of some LDAP {SSHA} hashes). The "unique" program, Markov mode, ETA display, and programming interfaces have been enhanced.

tags | cracker

systems | windows, unix, beos

MD5 | dd2dbbbd467da695f8541fb4f785a937

Download | Favorite | Comments (0)

John The Ripper 1.7.7

Posted Apr 29, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: The jumbo patch has been rebased to 1.7.7. Detection of ambiguous hash encodings has been implemented. Support for larger hash tables has been added for many hash types (most notably, NTLM). The "Apache MD5" "format" has been dropped (implemented in 1.7.7 proper). The --salt-list option has been dropped. Assorted other bugfixes, enhancements, and changes have been made.

tags | cracker

systems | windows, unix, beos

MD5 | b5fde123f4c5f230c5ccda3b765b2de2

Download | Favorite | Comments (0)

John The Ripper 1.7.7

Posted Apr 28, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: Intel AVX (Sandy Bridge) and AMD XOP (Bulldozer) support for bitslice DES has been added. Various other changes.

tags | cracker

systems | windows, unix, beos

MD5 | b9efdefd5b372525bfcc4a8d08328785

Download | Favorite | Comments (0)

FreeBSD-SA-05:02.sendfile Exploit

Posted Apr 1, 2011

Authored by Solar Designer

FreeBSD sendfile exploit that dumps password hashes to stdout.

tags | exploit

systems | freebsd

advisories | CVE-2005-0708

MD5 | f1db486fb43019b54464424e4fe5e5d5

Download | Favorite | Comments (0)

John The Ripper 1.7.6 Jumbo 12

Posted Feb 16, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: The "generic MD5" self-test bug with "-sse2" and "-mmx" builds (introduced in -jumbo-10) has been corrected. MSCash and MSCash2 OpenMP parallelization has been enhanced to adjust the number of key slots according to the number of threads.

tags | cracker

systems | windows, unix, beos

MD5 | 891c1f6196ebd2e30d4bc08069856f26

Download | Favorite | Comments (0)

John The Ripper 1.7.6 Jumbo 11

Posted Feb 8, 2011

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: An x86-64-specific NTLM hash comparison bug has been fixed. Self-tests have been enhanced to detect such bugs in the future. Support for cracking of MSCash2 (Domain Cached Credentials of modern Windows systems) with optional OpenMP parallelization has been added. Similar OpenMP parallelization for the original MSCash has been added. OpenMP-enabled RPM packages for x86-64 Fedora 13 and 14 have been built.

tags | cracker

systems | windows, unix, beos

MD5 | 4087a713af261908779c00c35a14fb98

Download | Favorite | Comments (0)

John The Ripper 1.7.6

Posted Jun 16, 2010

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: crypt(3) support has been added e.g. for SHA-crypt and SunMD5, with OpenMP parallelization on Linux and Solaris. John\'s Blowfish code has also been parallelized with OpenMP. A more suitable version of x86 assembly Blowfish code is now chosen on Core i7. More optimal DES S-boxes for PowerPC/AltiVec have been integrated. The bitslice DES code has been reworked to allow for the use of arbitrary SIMD intrinsics and mixed-type vectors (e.g., 192-bit with SSE2+MMX). The loader will now detect hashes on a line on their own. The handling of tty settings with "--stdin" and Ctrl-C has been improved.

tags | cracker

systems | windows, unix, beos

MD5 | ce1dffc6e347906205d14c4d6a210491

Download | Favorite | Comments (0)

John The Ripper 1.7.5

Posted Feb 26, 2010

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.

Changes: Support for the use of --format along with --show or --make-charset has been added. The choice of .rec and .log filenames has been made more intuitive. A new numeric variable has been added to the rules engine. Various other fixes and additions have been made.

tags | cracker

systems | windows, unix, beos

MD5 | f9cf7c1da9e0e8202637950407442331

Download | Favorite | Comments (0)

Openwall Linux Kernel Patch 2.4.37.9

Posted Feb 20, 2010

Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.9. A post-2.4.37.9 upstream fix for FAT filesystems has been added. The FAQ has been updated.

tags | overflow, kernel

systems | linux

MD5 | ea4e7d83f29a200b961dc6992e26927f

Download | Favorite | Comments (0)

john-1.7.4.2.tar.gz

Posted Feb 4, 2010

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.

Changes: Major performance improvements for processing of very large password files or sets of files have been implemented. Some previously missed common Web site passwords found on public lists of "top N passwords" have been added to the bundled common passwords list. Some bugs introduced in 1.7.4 have been fixed.

tags | cracker

systems | windows, unix, beos

MD5 | 330644382dc91d1e29e23ce4b7eb7ab0

Download | Favorite | Comments (0)

John The Ripper 1.7.4

Posted Dec 30, 2009

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.

Changes: The word mangling rules engine has been enhanced in many ways, including addition of support for back-references and "parallel" ranges to the preprocessor, the notion of numeric variables, more rule commands and reject flags, as well as performance improvements. The default rulesets have been revised to make use of the new features, for speed, to produce fewer duplicates, and to generate additional kinds of candidate passwords. The idle priority emulation code has been optimized for lower overhead, and the Idle setting has been enabled by default.

tags | cracker

systems | windows, unix, beos

MD5 | f4d6a95f98b6ab05f12aa899430c1642

Download | Favorite | Comments (0)

Openwall Linux Kernel Patch 2.4.37.7-ow1

Posted Nov 18, 2009

Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.7.

tags | overflow, kernel

systems | linux

MD5 | ccaf3046d45bdb35f10ea9ff80e68782

Download | Favorite | Comments (0)

Openwall Linux Kernel Patch 2.4.37.6

Posted Oct 26, 2009

Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.6. A fix for a typographical error in one of the information leak fixes included into 2.4.37.6 has been added.

tags | overflow, kernel

systems | linux

MD5 | 4c39e6d63554149628ae40a1ecf90520

Download | Favorite | Comments (0)

John The Ripper 1.7.3.4

Posted Sep 21, 2009

Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.

Changes: "make check" has been implemented (for Unix-like systems only), primarily for use by packages of JtR. The "--test" option will now take an optional argument - the duration of each benchmark in seconds. The section .note.GNU-stack has been added to all assembly files to avoid the stack area unnecessarily being made executable on Linux systems that use this mechanism. Some very minor bugs that did not affect normal operation have been fixed.

tags | cracker

systems | windows, unix, beos

MD5 | b8055b53076691add77a717721e8b170

Download | Favorite | Comments (0)

Openwall Linux Kernel Patch

Posted Aug 23, 2009

Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Besides being an update to the 2.4.37.5 kernel release, this revision of the patch adds a fix for the sigaltstack local information leak affecting 64-bit kernel builds.)

tags | overflow, kernel

systems | linux

advisories | CVE-2009-2847

MD5 | b0fa23f0a9c6e22a38cab9dfc469d636

Download | Favorite | Comments (0)