search

openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/
Other
10.39k stars 2.11k forks source link

"Unknown hash" cracker format #3415

Open magnumripper opened 6 years ago

magnumripper commented 6 years ago

Here's a crazy idea I got from the PCrack team name of 907f92033ed720bba4da2f3e08588648 😄

We could write an OpenCL format where input is a 128-bit hash of unknown type. Create a format that for every candidate p tries md4(p), md5(p), sha1(p) and so on, also including some common combinations like md5(md5($p)), sha1(md5($p)) and so on (and also doing eg. SHA-2 and SHA-3) as well as things like md5(utf16le(p)). For hashes larger than 128-bits we compare the first (and last?) 128 bits of the resulting hash.

This means we have "GPU-side acceleration" of, say, 16x or more even without mask but we need GPU-side mask as well.

solardiz commented 6 years ago

It's basically like mdxfind (from what I heard about it; I never used it), but on GPU. Yes, I think we should have something like it, although it'd be weird that we'd only have it in OpenCL. A tricky part could be putting those hashes in john.pot with their proper prefixes for their specific formats, but even without that the feature would be nice to have.