John the Ripper Changelog
What's new in John the Ripper 1.7.9
Jan 10, 2012- Added optional parallelization of the MD5-based crypt(3) code with OpenMP.
- Added optional parallelization of the bitslice DES code with OpenMP.
- Replaced the bitslice DES key setup algorithm with a faster one, which
- significantly improves performance at LM hashes, as well as at DES-based
- crypt(3) hashes when there's just one salt (or very few salts).
- Optimized the DES S-box x86-64 (16-register SSE2) assembly code.
- Added support for 10-character DES-based tripcodes (not optimized yet).
- Added support for the "$2y$" prefix of bcrypt hashes.
- Added two more hash table sizes (16M and 128M entries) for faster processing of very large numbers of hashes per salt (over 1M).
- Added two pre-defined external mode variables: "abort" and "status", which
- let an external mode request the current cracking session to be aborted or the status line to be displayed, respectively.
- Made some minor optimizations to external mode function calls and virtual
- machine implementation.
- The "--make-charset" option now uses floating-point rather than 64-bit
- integer operations, which allows for larger CHARSET_* settings in params.h.
- Added runtime detection of Intel AVX and AMD XOP instruction set extensions, with optional fallback to an alternate program binary.
- In OpenMP-enabled builds, added support for fallback to a non-OpenMP build
- when the requested thread count is 1.
- Added relbench, a Perl script to compare two "john --test" benchmark runs,
- such as for different machines, "make" targets, C compilers, optimization
- options, or/and versions of John the Ripper.
- Additional public lists of "top N passwords" have been merged into the
- bundled common passwords list, and some insufficiently common passwords were removed from the list.
- Many minor enhancements and a few bug fixes were made.
New in John the Ripper 1.7.8 (Jan 10, 2012)
- The bitslice DES S-box expressions have been replaced with those generated
- by Roman Rusakov specifically for John the Ripper. The corresponding assembly code for x86 with MMX, SSE2, and for x86-64 with SSE2 has been re-generated.
- For other CPUs and for AVX/XOP, C compilers do a reasonably good job of
- generating the code from the supplied C source files (with intrinsics where
- relevant). The S-box expressions that we were using before had a 21% larger gate count, so theoretically this could provide a 21% speedup. In practice, though, a 12% to 14% speedup at DES-based crypt(3) hashes is typical.
- This effort has been sponsored by Rapid7: http://www.rapid7.com
- Corrected support for bcrypt (OpenBSD Blowfish) hashes of passwords
- containing non-ASCII characters (that is, characters with the 8th bit set).
- Added support for such hashes produced by crypt_blowfish up to 1.0.4, which
- contained a sign extension bug (inherited from older versions of John).
- The old buggy behavior may be enabled per-hash, using the "$2x$" prefix.
- The external mode virtual machine's performance has been improved through additional multi-op instructions matching common instruction sequences assign-pop and some triple- and quad-push VM instructions were added).
- A few minor bug fixes and enhancements were made.
New in John the Ripper 1.7.7 (Jan 10, 2012)
- Added Intel AVX and AMD XOP instruction sets support for bitslice DES
- with C compiler intrinsics). New make targets: linux-x86-64-avx,
- linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent
- versions of GCC and GNU binutils).
- A "dummy" "format" is now supported (plaintext passwords encoded in
- hexadecimal and prefixed with "$dummy$") - for faster testing and tuning of
- custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of
- John itself.
- Apache "$apr1$" MD5-based password hashes are now supported along with the FreeBSD-style MD5-based crypt(3) hashes that were supported previously. Hashes of both of these types may be loaded for cracking simultaneously.
- The "--salts" option threshold is now applied before removal of previously
- cracked hashes for consistent behavior with interrupted and continued sessions.
- The "Idle = Y" setting (which is the default) is now ignored for
- OpenMP-enabled hash types when the actual number of threads is greater than 1.
- Unfortunately, it did not work right at least with GNU libgomp on Linux.)
- When a cracking session terminates or is interrupted, John will now warn the
- user if the cracked passwords printed to the terminal while cracking are
- potentially incomplete. It will advise the user to use the "--show" option to
- see the complete set of cracked passwords with proper post-processing.
- When loading hashes specified on a line on their own (feature introduced in
- 1.7.6), the loader will now ignore leading and trailing whitespace.
- Unless a hash type is forced from the command line, the loader will now print
- warnings about additional hash types seen in the input files (beyond the hash
- type autodetected initially).
- For use primarily by the jumbo patch (and later by future enhancements to the official versions as well), the loader now includes logic to warn the user of
- ambiguous hash encodings (e.g. LM vs. NTLM vs. raw-MD5, all of which may be represented as 32 hexadecimal characters) and of excessive partial hash
- collisions, which it works around (these are typically caused by an incomplete
- implementation of a new hash type).
- The "unique" and "unshadow" programs have been made significantly faster.
- "DateTime", "Repeats", "Subsets", "AtLeast1-Simple", "AtLeast1-Generic", and "Policy" external mode samples have been added to the default john.conf.
- The self-tests have been enhanced to detect more kinds of program bugs.
- A few minor bug fixes and enhancements were made.