Source Code 1994 March

home *** CD-ROM | disk | FTP | other *** search

/ Source Code 1994 March / Source_Code_CD-ROM_Walnut_Creek_March_1994.iso / compsrcs / misc / volume28 / crack / part04 < prev next >

Wrap

Internet Message Format | 1992-03-18 | 56.1 KB

From: aem@aber.ac.uk (Alec David Muffett) Newsgroups: comp.sources.misc Subject: v28i113: crack - The Unix Password Cracker, version 4.1, Part04/05 Message-ID: <1992Mar18.143916.24004@aber.ac.uk> Date: 18 Mar 92 14:39:16 GMT Approved: aem@aber.ac.uk X-Md4-Signature: fd21f3ae9fb0b5b97354f85f58cce3dc Submitted-by: aem@aber.ac.uk (Alec David Muffett) Posting-number: Volume 28, Issue 113 Archive-name: crack/part04 Environment: UNIX Supersedes: crack: Volume 25, Issue 5-9 #! /bin/sh # it by saving it into a file and typing "sh file". To overwrite existing # files, type "sh file -c". You can also feed this as standard input via # unshar, or by typing "sh <file", e.g.. If this archive is complete, you # will see the following message at the end: # "End of archive 4 (of 5)." # Contents: Docs/readme.ms Sources/crack-fcrypt.c # Wrapped by aem@aberfa on Wed Mar 18 14:08:37 1992 PATH=/bin:/usr/bin:/usr/ucb ; export PATH if test -f 'Docs/readme.ms' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'Docs/readme.ms'\" else echo shar: Extracting \"'Docs/readme.ms'\" $28998 characters$ sed "s/^X//" >'Docs/readme.ms' <<'END_OF_FILE' X.de C X.ie n .B "\\$1" \\$2 X.el .CW "\\$1" \\$2 X.. X.TL X"Crack Version 4.1" X.br XA Sensible Password Checker for Unix X.AU XAlec D.E. Muffett X.AI XUnix Software Engineer XAberystwyth, Wales, UK X.I "(aem@aber.ac.uk or alec_muffett@hicom.lut.ac.uk)" X.AB X.B Crack Xis a freely available program designed to find standard Unix Xeight-character DES encrypted passwords by standard guessing techniques Xoutlined below. It is written to be flexible, configurable and fast, Xand to be able to make use of several networked hosts via the Berkeley X.C rsh Xprogram (or similar), where possible. X.AE X.NH 1 XStatement of Intent X.LP XThis package is meant as a proving device to aid the construction of Xsecure computer systems. Users of Crack are advised that they may get Xseverly hassled by authoritarian type sysadmin dudes if they run Crack Xwithout proper authorisation. X.NH 1 XIntroduction to Version 4.0 X.LP XCrack is now into it's fourth version, and has been reworked extensively Xto provide extra functionality, and the purpose of this release is to Xconsolidate as much of this new functionality into as small a package as Xpossible. To this end, Crack may appear to be less configurable: it has Xbeen written on the assumption that you run a fairly modern Unix, one Xwith BSD functionality, and then patched in order to run on other Xsystems. X.LP XThis, surprisingly enough, has led to neater code, and has made possible Xthe introduction of greater flexibility which supercedes many of the Xoptions that could be configured in earlier versions of Crack. In the Xsame vein, some of the older options are now mandatory. These, such as X.I "feedback mode" Xand X.C CRACK_PRINTOUT Xare no longer supported as options and probably never will be again. XThere is just a lot of wastage in not running with them, and too many Xdependencies in other functions to bother programming around them. X.LP XThe user interface is basically identical to the previous versions, Xalthough some people have asked about providing X-windows GUI's to XCrack, I think it would be a waste of time to do so. Crack has far Xless options than your ordinary version of X.C /bin/ls . X.NH 1 XIntroduction to Version 4.1 X.LP XVersion 4.1 of the Crack program is an attempt to extend the features Xintroduced in v4.0 and provide hooks for external libraries such as XMichael Glad's wonderful X.B UFC Xcrypt() implementation, which (on some platforms) can outperform my Xfcrypt() by a factor of 3. I have also been burdened with the task of Xmaking Crack's memory handling bombproof (hah!) in the vague hope that Xit will survive running out of memory on small machines.\** X.FS X- or even on large ones. Brian Tompsett at Hull tweaked Crack v3.3 Xuntil it could run to completion after filling the swapspace on each of a Xnetwork of SparcStation2's. Due to restructuring work on v4.0, I have Xhad to write my own sorting algorithm & re-implement all of his tweaks Xfrom scratch, and can only hope that I have emulated the bombproofness Xof this desirable (?) functionality. X.FE X.LP XThe extensions that I mention above regard the addition of extra Xprimitives to the dictionary processing language which permit the Xproduction of more concise dictionaries containing words, more of which Xare likely to be passwords. The idea is to gain efficiency by removing Xsome of the dross from the generated dictionaries. X.LP XCrack should (generally) be more disk-space efficient now that the Xprogram can spot dictionaries which have been compressed using X.I compress Xor X.I pack Xand will uncompress them on the fly as necessary (using X.I zcat Xor X.I pcat Xrespectively).\** X.FS XNote to people who are short on memory or swap: do remember that to do Xthis Crack will have to X.I fork() X(via X.I popen() ) Xand might not be able to create the uncompressing process. Hence, if Xyou intend to swaplock your machine, don't compress the dictionaries. XSwitch this off by editing the X.C Crack Xshellscript. X.FE X.NH 1 XCrack Methodology - Part 1: Internals X.LP XCrack takes as its input a series of password files and source Xdictionaries. It merges the dictionaries, turns the password files into Xa sorted list, and generates lists of possible passwords from the merged Xdictionary or from information gleaned about users from the password Xfile. XIt does X.B not Xattempt to remedy the problem of allowing users to have guessable Xpasswords, and it should X.B NOT Xbe used in place of getting a really good, secure X.C passwd Xprogram replacement.\** X.FS XSee the end of ths document for more information about X.I passwd Xreplacements. X.FE X.LP XThe above paragraphs define the purpose of Crack, and embody a great Xdeal of hard work, screams of X.I Eureka! , Xdrunkeness, and a fair amount of swearing too. There is a lot Xof thinking, philosophy, and empirical guesswork behind the way that XCrack attacks password files, and although it is not perfect, I Xcertainly hope that Crack will out-do most of it's competitors. X.LP XCrack works by making many individual passes over the password entries Xthat you supply to it. Each pass generates password guesses based upon Xa sequence of rules, supplied to the program by the Xuser. The rules are specified in a simplistic language in the files X.C gecos.rules Xand X.C dicts.rules , Xto be found in the X.C Scripts Xdirectory. XThe distinction between these two files will be made clear later. X.LP XThe rules are written as a simple string of characters, with one rule to Xa line. Blank lines, and comment lines beginning with a hash character X.B # Xare ignored. Trailing whitespace is also ignored. The instructions in Xthe rule are followed from left to right, and are applied to the Xdictionary words one by one, as the words are loaded. Some simple Xpattern matching primitives are provided for selection purposes, so that Xif the dictionary word does not match the pattern, it is ignored. This Xsaves on time and memory. Before carrying on, I suggest that you browse Xthrough X.C Scripts/dicts.rules , Xtake a look at the rules supplied as defaults, and try to work out what Xthey do. X.LP XThe rules are stored in two different files for two different purposes. XRules in X.C Scripts/gecos.rules Xare applied to data generated by Crack from the pw_gecos and pw_gecos Xentries of the user's password entry. The data fed to the gecos rules Xfor the user X.I "aem", Xwho is X.I "Alec David Muffett, Systems" Xwould be: X.I "aem", X.I "Alec", X.I "David", X.I "Muffett", X.I "Systems", Xand a series of permutations of those words, either re-ordering the Xwords and joining them together (eg: X.I "AlecMuffett" ), Xor making up new words based on initial letters of one word taken with Xthe rest of another (eg: X.I "AMuffett" ).\** X.FS X- and X.I ASystems Xand X.I DSystems , Xand X.I MSystems , Xetc... because Crack does not differentiate. Hence, care should be Xtaken to check for redundancy when adding new rules, so as not to waste Xtime during the gecos pass. X.FE X.LP XThe entire set of rules in gecos.rules is applied to each of these Xwords, which creates many more permutations and combinations, all of Xwhich are tested. Hence testing the password gecos information under XCrack v4.0 and upwards takes somewhat longer than previously, but it is Xfar more thorough. X.sp 1v X.LP XAfter a pass has been made over the data based on gecos information, XCrack makes further passes over the password data using successive rules Xfrom the X.C Scripts/dicts.rules Xby loading the whole of X.C Dicts/bigdict Xfile into memory, with the rule being applied to each word from that Xfile. This generates a X.I "resident dictionary" , Xwhich is sorted and uniqued so as to prevent wasting time on repetition. XAfter each pass is completed, the memory used by the resident dictionary Xis freed up, and (hopefully) re-used when the next dictionary is loaded. X.LP XThe X.C Dicts/bigdict Xdictionary is created by Crack by merging, sorting, and uniq'ing the Xsource dictionaries, which are to be found in the directory X.C DictSrc Xand which may also be named in the Crack shellscript, via the X.C $STDDICT Xvariable. (The default value of $STDDICT is X.C /usr/dict/words ). X.LP XThe file X.C DictSrc/bad_pws.dat Xis a dictionary which is meant to provide many of those common but Xnon-dictionary passwords, such as X.I 12345678 Xor X.I qwerty . X.LP XIf you wish to provide a dictionary of your own, just copy it into the X.C DictSrc Xdirectory (use X.C compress Xon it if you wish to save space; Crack will unpack it whilst generating Xthe big dictionary) and then delete the contents of the X.C Dicts Xdirectory by running X.C Scripts/spotless . XYour new dictionary will be merged in on the next run. For more Xinformation on dictionary attacks, see the X.I excellent Xpaper called "Foiling the Cracker: A Survey of, and Improvements to, XPassword Security" by Daniel Klein, available from X.I "ftp.sei.cmu.edu" Xin X.I "~/pub/dvk/passwd.*" . XAlso, please read the X.C APPENDIX Xfile supplied with this distribution.\** X.FS XExtra dictionaries (those detailed in Dan Klein's paper) can be Xobtained via anonymous FTP from X.I ftp.uu.net X(137.39.1.9) as X.I ~/pub/dictionaries.tar.Z ; Xor check an X.I Archie Xdatabase for other possible sources of dictionaries. X.FE X.LP XHaving described the method of cracking, perhaps we should now Xinvestigate the algorithm used to overlay the cracking mechanism. X.NH 1 XCrack Methodology - Part 2: Feedback Filters X.LP XAs is stated above, Crack permutes and loads dictionaries directly Xinto memory, sorts and uniques them, before attempting to use each of Xthe words as a guess for each users' password. If Crack correctly Xguesses a password, it marks the user as X.I done Xand does not waste Xfurther time on trying to break that users password. X.LP XOnce Crack has finished a dictionary pass, it sweeps the list of users Xlooking for the passwords it has cracked. It stores the cracked passwords Xin both plaintext and encrypted forms in a X.I "feedback file" Xin the directory X.C Runtime . XFeedback files have names of the form X.C Runtime/F* . X.LP XThe purpose of this is so that, when Crack is next invoked, it may Xrecognise passwords that it has successfully cracked before, and filter Xthem from the input to the password cracker. This provides an X.I instant Xlist of crackable users who have not changed their passwords since the Xlast time Crack was run. This list appears in a file with name X.C out* Xin the X.C $CRACK_OUT Xdirectory, or on X.I stdout , Xif foreground mode is invoked (see X.I Options , Xbelow). X.LP XIn a similar vein, when a Crack run terminates normally, it writes out Xto the feedback file all encrypted passwords that it has X.B NOT Xsucceeded in cracking. Crack will then ignore all of these passwords Xnext time you run it. X.LP XObviously, this is not desirable if you frequently change your Xdictionaries or rules, and so there is a script provided, X.C Scripts/mrgfbk Xwhich sorts your feedback files, merges them into one, and optionally Xremoves all traces of 'uncrackable' passwords, so that your next Crack Xrun can have a go at passwords it has not succeeded in breaking before. X.LP X.C Mrgfbk Xis invoked automatically if you run X.C Scripts/spotless . X.NH 1 XCrack Methodology - Part 3: Execution and Networking X.LP XEach time Crack is invoked, whether networked or not, it generates a X.I diefile Xwith a name of the form X.C Runtime/D* X(for network cracks, this file is generated by RCrack, and is of the form X.C Runtime/DR* Xwhich points to a X.B real Xdiefile, named X.C Runtime/RD* X- see below for details). X.LP XThese diefiles contain debugging information about the job, and are Xgenerated so that all the jobs on the entire network can be called Xquickly by invoking X.C Scripts/plaster . XDiefiles delete themselves after they have been run. X.LP XAs you will read in the sections below, Crack has a X.C "-network" Xoption: This is designed to be a simple method of automatically Xspreading the load of password cracking out over several machines on a Xnetwork, preferably if they are connected by some form of networked Xfilestore. X.LP XWhen X.C "Crack -network" Xis invoked, it filters its input in the ordinary way, and then splits Xits load up amongst several machines which are specified in the file X.C Scripts/network.conf . X.LP XThis file contains a series of hostnames, power ratings, flags, etc, Xrelevant to the running of Crack on each machine. Crack then calls X.C Scripts/RCrack Xto use the X.C rsh Xcommand (or similar) to invoke Crack on the other hosts. See the RCrack Xscript, and the example network.conf file for details. X.NH 1 XInstallation X.LP XCrack is one of those most unusual of beasties, a self-installing Xprogram. Some people have complained about this apparent weirdness, but Xit has grown up with Crack ever since the earliest network version, when XI could not be bothered to log into several different machines with Xseveral different architectures, just in order to build the binaries. XOnce the necessary configuration options have been set, the executables Xare created via X.C make Xby running the Crack shellscript . X.LP XCrack's configuration lies in two files, the X.C Crack Xshell script, which contains all the installation specific configuration Xdata, and the file X.C Sources/conf.h , Xwhich contains configuration options specific to various binary platforms. X.LP XIn the Crack shellscript, you will have to edit the X.C CRACK_HOME Xvariable to the correct value. This variable should be set to an Xabsolute path name (names relative to X.I ~username Xare OK, so long as you have some sort of X.C csh ) Xthrough which the directory containing Crack may be accessed on X.B ALL Xthe machines that Crack will be run on. There is a similar variable X.C CRACK_OUT Xwhich specifies where Crack should put its output files - by default, Xthis is the same as X.C "$CRACK_HOME" . X.LP XYou will also have to edit the file X.C Sources/conf.h Xand work out which switches to enable. Each X.C #define Xhas a small note explaining its purpose. Where I have been in doubt about Xthe portability of certain library functions, usually I have re-written Xit, so you should be OK. Let me know of your problems, if you have any. X.LP XIf you will be using X.C "Crack -network" Xyou will then have to generate a X.C Scripts/network.conf Xfile. This contains a list of hostnames to X.C rsh Xto, what their X.I "binary type" Xis (useful when running a network Crack on several different Xarchitectures), a guesstimate of their X.I "relative power" X(take your slowest machine as unary, and measure all others relative to Xit), and a list of per-host X.I flags Xto X.B add Xto those specified on the X.C Crack Xcommand line, when calling that host. There is an example of such a Xfile provided in the Scripts directory - take a look at it. X.LP XIf ever you wish to specify a more precise figure as to the relative Xpower of your machines, or you are simply at a loss, play with the Xcommand X.C "make tests" Xin the source code directory. This can provide you with the number of Xfcrypt()s that your machine can do per second, which is a number that Xyou can plug into your X.C network.conf Xas a measure of your machines' power (after rounding the value to an Xinteger). X.NH 1 XUsage X.LP XOkay, so, let's assume that you have edited your X.C Crack Xscript, and your X.C Sources/conf.h Xfile, where do you go from here ? X.LP X.DS B X.fi X.C Crack X[\c X.I options ] X[\c X.I bindir ] X.C /etc/passwd X[...other passwd files] X.sp 1v X.C "Crack -network" X[\c X.I options ] X.C /etc/passwd X[...other passwd files] X.DE X.LP XWhere X.B bindir Xis the optional name of the directory where you want the binaries Xinstalled. This is useful where you want to be able to run versions of XCrack on several different architectures. If X.B bindir Xdoes not exist, a warning will be issued, and the directory created. X.QP XNote: X.B bindir Xdefaults to the name X.C generic Xif not supplied. X.QP X.LP X.B "Notes for Yellow Pages (NIS) Users:" XI have occasional queries about how to get Crack running from a YP Xpassword file. There are several methods, but by far the simplest is to Xgenerate a passwd format file by running:- X.DS B X.C "ypcat passwd > passwd.yp" X.DE Xand then running Crack on this file. X.NH 1 XOptions X.IP "\fB-f\fP" XRuns Crack in X.I foreground Xmode, ie: the password cracker is not backgrounded, and messages appear Xon stdout and stderr as you would expect. This option is only really Xuseful for very small password files, or when you want to put a wrapper Xscript around Crack. X.IP XForeground mode is disabled if you try running X.C "Crack -network -f" Xon the command line, because of the insensibility of X.C rsh ing Xto several machines in turn, waiting for each one to finish before Xcalling the next. However, please read the section about X.I "Network Cracking without NFS/RFS" , Xbelow. X.IP "\fB-v\fP" XSets verbose mode, whereby Crack will print every guess it is trying on Xa per-user basis. This is a very quick way of flooding your filestore, Xbut useful if you think something is going wrong. X.IP "\fB-m\fP" XSends mail to any user whose password you crack by invoking X.C Scripts/nastygram Xwith their username as an argument. The reason for using the script is Xso that a degree of flexibility in the format of the mail message is Xsupplied; ie: you don't have to recompile code in order to change the Xmessage.\** X.FS XI'm uncertain about the wisdom of mailing someone like this. If someone Xbrowses your cracked user's mail somehow, it's like a great big neon Xsign pointing at the user saying "This Is A Crackable Account - Go For XIt!". Not to mention the false sense of security it engenders in the XSystem Manager that he's "informed" the user to change his password. XWhat if the user doesn't log on for 3 months? However, so many people Xhave wired it into their own versions of Crack, I suppose it X.B must Xbe provided... AEM X.FE X.IP "\fB-nvalue\fP" XSets the process to be X.C nice() ed Xto X.I value , Xso, for example, the switch X.C \&-n19 Xsets the Crack process to run at the lowest priority. X.IP "\fB-network\fP" XThrows Crack into network mode, in which it reads the X.C Scripts/network.conf Xfile, splits its input into chunks which are sized according to the Xpower of the target machine, and calls X.C rsh Xto run Crack on that machine. Options for Crack running on the target Xmachine may be supplied on the command line (eg: verbose or recover Xmode), or in the network.conf file if they pertain to specific hosts X(eg: X.C nice() Xvalues). X.IP "\fB-r<pointfile>\fP" XThis is only for use when running in X.I recover Xmode. When a running Crack starts pass 2, it periodically saves its Xstate in a X.I pointfile , Xwith a name of the form X.C "Runtime/P.*" XThis file can be used to recover where you were should a host crash. XSimply invoke Crack in X.B exactly Xthe same manner as the last time, with the addition of the X.C "-r" Xswitch, (eg: X.C "-rRuntime/Pfred12345" ) Xswitch. Crack will startup and read the file, and jump to roughly where Xit left off. If you are cracking a very large password file, this can Xsave oodles of time after a crash. X.IP XIf you were running a X.I network XCrack, then the jobs will again be spawned onto all the machines of the Xoriginal Crack. The program will then check that the host it is running Xon is the same as is mentioned in the pointfile. If it is not, it will Xquietly die. Thus, assuming that you supply the same input data and do Xnot change your X.C network.conf Xfile, Crack should pick up where it left off. This is a bit inelegant, Xbut it's better than nothing at the moment. X.IP XThe method of error recovery outlined above causes headaches for users Xwho want to do multiprocessing on parallel architectures. Crack is in Xno way parallel, and because of the way it's structured (reading stdin Xfrom shellscript frontends) it is a pain to divide the work amongst Xseveral processes via X.C fork() ing. X.IP XThe hack solution to get several copies of Crack running on one machine Xwith X.I n Xprocessors at the moment is to insert X.I n Xcopies of the entry for your parallel machine into the X.C Scripts/network.conf Xfile. If you use the X.C \&-r Xoption in these circumstances however, you will get X.I n Xcopies of the recovered process running, only one of them will have the Xcorrect input data. X.IP XThe old solution to this problem (see old documentation if you are Xinterested) has been negated by the introduction of feedback mode, so Xthe best bet in this particular situation is to wait until the other Xjobs are done (and have written out lists of uncrackable passwords), and Xthen re-start the jobs from scratch. Anyone whose password was not Xcracked on the first run will be ignored on the second, if they have not Xchanged it since. This is inelegant, but it's the best I can do in the Xlimited time available. X.NH XSupport Scripts X.LP XThe X.C Scripts Xdirectory contains a small number of support and utility scripts, some Xof which are designed to help Crack users check their progress. XBriefly, the most useful ones are:- X.IP "\fBScripts/shadmrg\fP" XThis is a small (but hopefully readable) script for merging X.C /etc/passwd Xand X.C /etc/shadow Xon System V style shadow password systems. It produces the merged data Xto stdout, and will need redirecting into a file before Crack can work Xon it. The script is meant to be fairly lucid, on the grounds that I Xworry that there are many shadowing schemes out there, and perhaps not Xall have the same data format. X.IP X.B "I have not" Xwired this facility into the Crack command itself because the world does X.B NOT Xrevolve around System V yet, regardless of what some people would have Xme believe, and I believe that the lack of direct support for NIS Xoutlined above, sets a precedent. There are just too many Xincompatibilities in shadow password schemes for me to hardwire Xanything. X.IP "\fBScripts/plaster\fP" Xwhich is named after a dumb joke, but is a simple frontend to the X.C "Runtime/D*" Xdiefiles that each copy of the password cracker generates. Invoking X.C Scripts/plaster Xwill kill off all copies of the password cracker you are running, over Xthe network or otherwise. X.IP "\fBScripts/status\fP" XThis script X.C rsh es Xto each machine mentioned in the X.C Scripts/network.conf Xfile, and provides some information about processes and uptime on that Xmachine. This is useful when you want to find out just how well your Xpassword crackers are getting on during a X.C "Crack -network" . X.IP "\fBScripts/{clean,spotless}\fP" XThese are really just frontends to a makefile. Invoking X.C Scripts/clean Xtidies up the Crack home directory, and removes probably unwanted files, Xbut leaves the pre-processed dictionary X.C bigdict Xintact. X.C Scripts/spotless Xdoes the same as X.C Scripts/clean Xbut obliterates X.C bigdict Xand old output files too, and compresses the feedback files into one. X.IP "\fBScripts/nastygram\fP" XThis is the shellscript that is invoked by the password cracker to send Xmail to users who have guessable passwords, if the X.C -m Xoption is used. Edit it at your leisure to suit your system. X.IP "\fBScripts/guess2fbk\fP" XThis script takes your X.C out* Xfiles as arguments and reformats the 'Guessed' lines into a slightly Xmessy X.I feedback Xfile, suitable for storing with the others. X.IP XAn occasion where this might be useful is when your cracker has guessed Xmany peoples passwords, and then died for some reason (a crash?) before Xwriting out the guesses to a feedback file. Running X.DS B X.C "Scripts/guess2fbk out* >> Runtime/F.new" X.DE Xwill save the work that has been done. X.NH 1 XNetwork Cracking without NFS/RFS X.LP XFor those users who have some form of X.C rsh Xcommand, but do not have a a networked filestore running between hosts, Xthere is now a solution which will allow you to do networked cracking, Xproposed to me by Brian Tompsett at Hull. Personally, I consider the Xidea to be potty, but it fills in missing functionality in a wonderfully Xtacky manner. X.LP XFrom the documentation above, you will note that Crack will undo the X.C "-f" X.I "(output in foreground)" Xoption, if it is invoked with the X.C "-network" Xswitch at the same time (see the X.I Options Xsection above). This is true, but it does not apply if you specify X.C "-f" Xoption in the X.C network.conf Xfile. X.LP XThe practical upshot of doing this is that remote copies of Crack Xcan be made to read from X.I stdin Xand write to X.I stdout Xover a network link, and thus remote processing is accomplished. I have Xtweaked Crack in such a way, therefore, that if the X.C "-f" Xoption is specified amongst the crack-flags of a host in the Xnetwork.conf, rather than backgrounding itself on the remote host, the X.C rsh Xcommand on the X.B server Xis backgrounded, and output is written directly to the files on the Xserver's filestore. X.LP XThere are restrictions upon this method, mostly involving the number of Xprocesses that a user may run on the server at any one time, and that Xyou will have to collect feedback output together manually (dropping it Xinto the X.C Runtime Xdirectory on the server). However, it works. Also, if you try to use X.C rsh Xas another user, you will suffer problems if X.C rsh Xinsists on reading something from your terminal (eg: a password for the Xremote account). Also, recovering using checkpointing goes out the Xwindow unless you specify the name of the pointfile as it is named Xon the remote machine. X.NH 1 XUFC Support and notes on fast crypt() implementations X.LP XThe stdlib version of the X.C crypt() Xsubroutine is incredibly slow. It is a X.I massive Xbottleneck to the execution of Crack and on typical platforms that you Xget at universities, it is rare to find a machine which will achieve Xmore than 50 standard crypt() s per second. On low-end diskless Xworkstations, you may expect 2 or 3 per second. It was this slowness of Xthe crypt() algorithm which originally supplied much of the security XUnix needed.\** X.FS XSee: "Password Security, A Case History" by Bob Morris & Ken Thomson, in Xthe Unix Programmer Docs. X.FE X.LP XThere are now X.B many Ximplementations of faster versions of crypt() Xto be found on the network. The one supplied with Crack v3.2 and Xupwards is called X.C fcrypt() . XIt was originally written in May 1986 by Robert Baldwin at MIT, and is a Xgood version of the crypt() subroutine. I received a copy from Icarus XSparry at Bath University, who had made a couple of portability Xenhancements to the code. X.LP XI rewrote most of the tables and the KeySchedule generating algorithm in Xthe original X.I fdes-init.c Xto knock 40% off the execution overhead of fcrypt() in the form that it Xwas shipped to me. I inlined a bunch of stuff, put it into a single Xfile, got some advice from Matt Bishop and Bob Baldwin [both of whom I Xam greatly indebted to] about what to do to the X.C xform() Xroutine and to the fcrypt function itself, and tidied up some Xalgorithms. I have also added more lookup tables and reduced several Xformula for faster use. Fcrypt() is now barely recognisable as being Xbased on its former incarnation, and it is 3x faster. X.LP XOn a DecStation 5000/200, fcrypt() is about 16 times faster than the Xstandard crypt (your mileage may vary with other architectures and Xcompilers). This speed puts fcrypt() into the "moderately fast" league Xof crypt implementations. X.LP XAmongst other crypt implementations available is X.B UFC Xby Michael Glad. UFC-crypt is a version of the crypt subroutine which Xis optimised for machines with 32-bit long integers and generally Xoutperforms my fcrypt() by a factor of between 1 and 3, for a tradeoff Xof large memory usage, and memory-cache unfriendliness. Hooks for even Xmore optimised assembler versions of crypt() are also provided for some Xplatforms (Sun, HP, ...). Getting UFC to work on 16 bit architectures Xis nearly impossible. X.LP XHowever, on most architectures, UFC generates a stunning increase in the Xpower of Crack, and so, from v4.1 onwards, Crack is written to Xautomatically make use of UFC if it can find it. All that you have to Xdo is to obtain a suitable copy of UFC (preferably a version which Xmentions that it is compatible with X.C "Crack v4.1" , Xand unpack it into a directory called X.C ufc-crypt Xin X.C $CRACK_HOME , Xand then delete your old binaries. UFC will then be detected, compiled, Xtested and used in preference to fcrypt() by the Crack program, wherever Xpossible. X.NH 1 XConclusions X.LP XWhat can be done about brute force attacks on your password file ? X.LP XYou must get a drop-in replacement for the X.C passwd Xand X.C yppasswd Xcommands; one which will stop people from choosing bad passwords in the Xfirst place. There are several programs to do this; Matt Bishop's X.C "passwd+" Xand Clyde Hoover's X.C "npasswd" Xprogram are good examples which are freely available. Consult an X.B Archie Xdatabase for more details on where you can get them from. X.LP XIt would be nice if an organisation (such as X.B CERT ?) Xcould be persuaded to supply skeletons of X.I sensible Xpasswd commands for the public good, as well as an archive of security Xrelated utilities\** Xon top of the excellent X.C COPS . X.FS X.C COPS Xis available for anonymous FTP from X.I "cert.sei.cmu.edu" X(128.237.253.5) in X.I ~/cops X.FE XHowever, for Unix security to improve on a global scale, we will also Xrequire pressure on the vendors, so that programs are written correctly Xfrom the beginning. END_OF_FILE if test 28998 -ne `wc -c <'Docs/readme.ms'`; then echo shar: \"'Docs/readme.ms'\" unpacked with wrong size! fi # end of 'Docs/readme.ms' fi if test -f 'Sources/crack-fcrypt.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'Sources/crack-fcrypt.c'\" else echo shar: Extracting \"'Sources/crack-fcrypt.c'\" $24546 characters$ sed "s/^X//" >'Sources/crack-fcrypt.c' <<'END_OF_FILE' X/* X * This program is copyright Alec Muffett 1991 except for some portions of X * code in "crack-fcrypt.c" which are copyright Robert Baldwin, Icarus Sparry X * and Alec Muffett. The author(s) disclaims all responsibility or liability X * with respect to it's usage or its effect upon hardware or computer X * systems, and maintain copyright as set out in the "LICENCE" document which X * accompanies distributions of Crack v4.0 and upwards. X */ X X/* X * Misc defs for the fast password transform optimisations. X */ X X#include "crack.h" X X#define reg register X#define uns unsigned X#define unsb uns char X#define unsl uns long X X/* X * Types for the different ways to represent DES bit patterns. Bits are X * always right justified within fields. Bits which have lower indices in X * the NBS spec are stored in the vax bits with less significance (e.g., Bit X * 1 of NBS spec is stored in the bit with weight 2 ** 0 to the Vax. X */ X X#define obpb1 unsb /* One bit per byte. */ X#define sbpb6 unsb /* Six bits per byte, 6 held. */ X#define sbpb6R unsb /* Six bits per byte Reversed order, 6 held. */ X#define sbpb24 unsl /* Six bits per byte, 24 held. */ X#define ebpb24 unsl /* Eight bits per bit, 24 held. */ X#define fbpb4 unsb /* Four bits per byte, 4 held. */ X#define fbpb4R unsb /* Four bits per byte Reversed order, 4 held. */ X X/* X * The operation (6 * x) is often better optimised as this (for really X * braindead compilers) - AEM X */ X X#ifdef BRAINDEAD6 X#define SIX_TIMES(exprn) (((exprn) << 2) + ((exprn) << 1)) X#else X#define SIX_TIMES(exprn) (6 * (exprn)) X#endif /* BRAINDEAD6 */ X X/* DES transformation type... */ X Xunion SDATA X{ X sbpb24 b[2]; X sbpb6 c[8]; X}; X#ifndef FDES_4BYTE /* Thanks to Matt Bishop for this idea -AEM. */ X#define SIZEFIX 0 X#define INDIRECT(a,b) (a)[b] X#else X#define SIZEFIX 2 /* "n" where 2^n == sizeof(sbpb24) */ X#define INDIRECT(a,b) (*((sbpb24 *)(((unsigned char *) a) + (b)))) X#endif X X/* X * These used to be rather slow and frequently used functions - AEM X */ X X#define TF_TO_SIXBIT(tf) \ X (sbpb24)((tf & 077L) | \ X ((tf & 07700L) << 2) | \ X ((tf & 0770000L) << 4) | \ X ((tf & 077000000L) << 6)) X X#define SIXBIT_TO_TF(sb) \ X (ebpb24)((sb & 0x3fL) | \ X ((sb & 0x3f00L) >> 2) | \ X ((sb & 0x3f0000L) >> 4) | \ X ((sb & 0x3f000000L) >> 6)) X X/* X * Data segment gathered into one place, try to keep this stuff long aligned X * - AEM X */ X Xstatic char iobuf[16]; Xstatic obpb1 crypt_block[72]; /* 72 is next multiple of 8 bytes after 66 */ Xstatic sbpb24 KS[32]; Xstatic sbpb24 S0H[64], S1H[64], S2H[64], S3H[64]; Xstatic sbpb24 S4H[64], S5H[64], S6H[64], S7H[64]; Xstatic sbpb24 S0L[64], S1L[64], S2L[64], S3L[64]; Xstatic sbpb24 S4L[64], S5L[64], S6L[64], S7L[64]; Xstatic sbpb24 out96[4]; X X/* X * Start of the real thing X */ X Xvoid Xfsetkey () X{ X /* X * This used to be utterly horrendous. It still is, but it's much, much, X * smaller... (and quite a bit faster...) - AEM X */ X static unsb KeyToKS[] = X { X 9, 50, 33, 59, 48, 16, 32, 56, 1, 8, 18, 41, 2, 34, 25, 24, X 43, 57, 58, 0, 35, 26, 17, 40, 21, 27, 38, 53, 36, 3, 46, 29, X 4, 52, 22, 28, 60, 20, 37, 62, 14, 19, 44, 13, 12, 61, 54, 30, X 1, 42, 25, 51, 40, 8, 24, 48, 58, 0, 10, 33, 59, 26, 17, 16, X 35, 49, 50, 57, 56, 18, 9, 32, 13, 19, 30, 45, 28, 62, 38, 21, X 27, 44, 14, 20, 52, 12, 29, 54, 6, 11, 36, 5, 4, 53, 46, 22, X 50, 26, 9, 35, 24, 57, 8, 32, 42, 49, 59, 17, 43, 10, 1, 0, X 48, 33, 34, 41, 40, 2, 58, 16, 60, 3, 14, 29, 12, 46, 22, 5, X 11, 28, 61, 4, 36, 27, 13, 38, 53, 62, 20, 52, 19, 37, 30, 6, X 34, 10, 58, 48, 8, 41, 57, 16, 26, 33, 43, 1, 56, 59, 50, 49, X 32, 17, 18, 25, 24, 51, 42, 0, 44, 54, 61, 13, 27, 30, 6, 52, X 62, 12, 45, 19, 20, 11, 60, 22, 37, 46, 4, 36, 3, 21, 14, 53, X 18, 59, 42, 32, 57, 25, 41, 0, 10, 17, 56, 50, 40, 43, 34, 33, X 16, 1, 2, 9, 8, 35, 26, 49, 28, 38, 45, 60, 11, 14, 53, 36, X 46, 27, 29, 3, 4, 62, 44, 6, 21, 30, 19, 20, 54, 5, 61, 37, X 2, 43, 26, 16, 41, 9, 25, 49, 59, 1, 40, 34, 24, 56, 18, 17, X 0, 50, 51, 58, 57, 48, 10, 33, 12, 22, 29, 44, 62, 61, 37, 20, X 30, 11, 13, 54, 19, 46, 28, 53, 5, 14, 3, 4, 38, 52, 45, 21, X 51, 56, 10, 0, 25, 58, 9, 33, 43, 50, 24, 18, 8, 40, 2, 1, X 49, 34, 35, 42, 41, 32, 59, 17, 27, 6, 13, 28, 46, 45, 21, 4, X 14, 62, 60, 38, 3, 30, 12, 37, 52, 61, 54, 19, 22, 36, 29, 5, X 35, 40, 59, 49, 9, 42, 58, 17, 56, 34, 8, 2, 57, 24, 51, 50, X 33, 18, 48, 26, 25, 16, 43, 1, 11, 53, 60, 12, 30, 29, 5, 19, X 61, 46, 44, 22, 54, 14, 27, 21, 36, 45, 38, 3, 6, 20, 13, 52, X 56, 32, 51, 41, 1, 34, 50, 9, 48, 26, 0, 59, 49, 16, 43, 42, X 25, 10, 40, 18, 17, 8, 35, 58, 3, 45, 52, 4, 22, 21, 60, 11, X 53, 38, 36, 14, 46, 6, 19, 13, 28, 37, 30, 62, 61, 12, 5, 44, X 40, 16, 35, 25, 50, 18, 34, 58, 32, 10, 49, 43, 33, 0, 56, 26, X 9, 59, 24, 2, 1, 57, 48, 42, 54, 29, 36, 19, 6, 5, 44, 62, X 37, 22, 20, 61, 30, 53, 3, 60, 12, 21, 14, 46, 45, 27, 52, 28, X 24, 0, 48, 9, 34, 2, 18, 42, 16, 59, 33, 56, 17, 49, 40, 10, X 58, 43, 8, 51, 50, 41, 32, 26, 38, 13, 20, 3, 53, 52, 28, 46, X 21, 6, 4, 45, 14, 37, 54, 44, 27, 5, 61, 30, 29, 11, 36, 12, X 8, 49, 32, 58, 18, 51, 2, 26, 0, 43, 17, 40, 1, 33, 24, 59, X 42, 56, 57, 35, 34, 25, 16, 10, 22, 60, 4, 54, 37, 36, 12, 30, X 5, 53, 19, 29, 61, 21, 38, 28, 11, 52, 45, 14, 13, 62, 20, 27, X 57, 33, 16, 42, 2, 35, 51, 10, 49, 56, 1, 24, 50, 17, 8, 43, X 26, 40, 41, 48, 18, 9, 0, 59, 6, 44, 19, 38, 21, 20, 27, 14, X 52, 37, 3, 13, 45, 5, 22, 12, 62, 36, 29, 61, 60, 46, 4, 11, X 41, 17, 0, 26, 51, 48, 35, 59, 33, 40, 50, 8, 34, 1, 57, 56, X 10, 24, 25, 32, 2, 58, 49, 43, 53, 28, 3, 22, 5, 4, 11, 61, X 36, 21, 54, 60, 29, 52, 6, 27, 46, 20, 13, 45, 44, 30, 19, 62, X 25, 1, 49, 10, 35, 32, 48, 43, 17, 24, 34, 57, 18, 50, 41, 40, X 59, 8, 9, 16, 51, 42, 33, 56, 37, 12, 54, 6, 52, 19, 62, 45, X 20, 5, 38, 44, 13, 36, 53, 11, 30, 4, 60, 29, 28, 14, 3, 46, X 17, 58, 41, 2, 56, 24, 40, 35, 9, 16, 26, 49, 10, 42, 33, 32, X 51, 0, 1, 8, 43, 34, 25, 48, 29, 4, 46, 61, 44, 11, 54, 37, X 12, 60, 30, 36, 5, 28, 45, 3, 22, 27, 52, 21, 20, 6, 62, 38 X }; X X reg int i; X reg unsigned long r; X reg unsb *k; X X k = KeyToKS; X X for (i = 0; i < 32; i++) X { X /* 16-bit tweaks suggested by cip_maz@fb6tcp.physik.uni-paderborn.de */ X /* inlining speedup tweak suggested by tahorsley@csd.harris.com */ X /* (strange addition compensates missing TF_TO_SIXBIT) */ X r = (unsigned long) crypt_block[*(k++)]; X r |= (unsigned long) crypt_block[*(k++)] << 1; X r |= (unsigned long) crypt_block[*(k++)] << 2; X r |= (unsigned long) crypt_block[*(k++)] << 3; X r |= (unsigned long) crypt_block[*(k++)] << 4; X r |= (unsigned long) crypt_block[*(k++)] << 5; X r |= (unsigned long) crypt_block[*(k++)] << (2 + 6); X r |= (unsigned long) crypt_block[*(k++)] << (2 + 7); X r |= (unsigned long) crypt_block[*(k++)] << (2 + 8); X r |= (unsigned long) crypt_block[*(k++)] << (2 + 9); X r |= (unsigned long) crypt_block[*(k++)] << (2 + 10); X r |= (unsigned long) crypt_block[*(k++)] << (2 + 11); X r |= (unsigned long) crypt_block[*(k++)] << (4 + 12); X r |= (unsigned long) crypt_block[*(k++)] << (4 + 13); X r |= (unsigned long) crypt_block[*(k++)] << (4 + 14); X r |= (unsigned long) crypt_block[*(k++)] << (4 + 15); X r |= (unsigned long) crypt_block[*(k++)] << (4 + 16); X r |= (unsigned long) crypt_block[*(k++)] << (4 + 17); X r |= (unsigned long) crypt_block[*(k++)] << (6 + 18); X r |= (unsigned long) crypt_block[*(k++)] << (6 + 19); X r |= (unsigned long) crypt_block[*(k++)] << (6 + 20); X r |= (unsigned long) crypt_block[*(k++)] << (6 + 21); X r |= (unsigned long) crypt_block[*(k++)] << (6 + 22); X r |= (unsigned long) crypt_block[*(k++)] << (6 + 23); X KS[i] = r; X } X} X Xvoid XXForm (saltvalue) X sbpb24 saltvalue; X{ X#ifdef BIG_ENDIAN /* Icarus Sparry, Bath - mod AEM */ X#define STEP -- X#define START &sdata.c[7] X#define Dl sdata.b[1] X#define Dh sdata.b[0] X#else X#ifdef LITTLE_ENDIAN X#define STEP ++ X#define START &sdata.c[0] X#define Dl sdata.b[0] X#define Dh sdata.b[1] X#endif X /* else error */ X#endif X union SDATA sdata; X reg sbpb24 Rl; X reg sbpb24 Rh; X reg sbpb24 Ll; X reg sbpb24 Lh; X reg sbpb6 *dp; X int loop; X int kloop; X sbpb24 *kp; X reg sbpb24 k; X#ifdef FDES_8BYTE X reg sbpb24 tmpi; X#endif /* FDES_8BYTE */ X X Ll = Lh = Rl = Rh = 0; X X for (loop = 25; loop--; /* nothing */ ) X { X kp = KS; X for (kloop = 8; kloop--; /* nothing */ ) X { X k = (Rl ^ Rh) & saltvalue; X#ifndef FDES_8BYTE X Dl = (k ^ Rl ^ *kp++) << SIZEFIX; X Dh = (k ^ Rh ^ *kp++) << SIZEFIX; X#else X /* hack to make things work better - matthew kaufman */ X /* I haven't tried any of this - I don't have a cray... AEM */ X tmpi = (k ^ Rl ^ *kp++); X sdata.c[3] = (tmpi >> 24) & 0x00ff; X sdata.c[2] = (tmpi >> 16) & 0x00ff; X sdata.c[1] = (tmpi >> 8) & 0x00ff; X sdata.c[0] = (tmpi) & 0x00ff; X tmpi = (k ^ Rh ^ *kp++); X sdata.c[7] = (tmpi >> 24) & 0x00ff; X sdata.c[6] = (tmpi >> 16) & 0x00ff; X sdata.c[5] = (tmpi >> 8) & 0x00ff; X sdata.c[4] = (tmpi) & 0x00ff; X#endif /* FDES_8BYTE */ X X dp = START; X Lh ^= INDIRECT (S0H, *dp); X Ll ^= INDIRECT (S0L, *dp STEP); X Lh ^= INDIRECT (S1H, *dp); X Ll ^= INDIRECT (S1L, *dp STEP); X Lh ^= INDIRECT (S2H, *dp); X Ll ^= INDIRECT (S2L, *dp STEP); X Lh ^= INDIRECT (S3H, *dp); X Ll ^= INDIRECT (S3L, *dp STEP); X Lh ^= INDIRECT (S4H, *dp); X Ll ^= INDIRECT (S4L, *dp STEP); X Lh ^= INDIRECT (S5H, *dp); X Ll ^= INDIRECT (S5L, *dp STEP); X Lh ^= INDIRECT (S6H, *dp); X Ll ^= INDIRECT (S6L, *dp STEP); X Lh ^= INDIRECT (S7H, *dp); X Ll ^= INDIRECT (S7L, *dp STEP); X X k = (Ll ^ Lh) & saltvalue; X#ifndef FDES_8BYTE X Dl = (k ^ Ll ^ *kp++) << SIZEFIX; X Dh = (k ^ Lh ^ *kp++) << SIZEFIX; X#else X tmpi = (k ^ Ll ^ *kp++); X sdata.c[3] = (tmpi >> 24) & 0x00ff; X sdata.c[2] = (tmpi >> 16) & 0x00ff; X sdata.c[1] = (tmpi >> 8) & 0x00ff; X sdata.c[0] = (tmpi) & 0x00ff; X tmpi = (k ^ Lh ^ *kp++); X sdata.c[7] = (tmpi >> 24) & 0x00ff; X sdata.c[6] = (tmpi >> 16) & 0x00ff; X sdata.c[5] = (tmpi >> 8) & 0x00ff; X sdata.c[4] = (tmpi) & 0x00ff; X#endif /* FDES_8BYTE */ X X dp = START; X Rh ^= INDIRECT (S0H, *dp); X Rl ^= INDIRECT (S0L, *dp STEP); X Rh ^= INDIRECT (S1H, *dp); X Rl ^= INDIRECT (S1L, *dp STEP); X Rh ^= INDIRECT (S2H, *dp); X Rl ^= INDIRECT (S2L, *dp STEP); X Rh ^= INDIRECT (S3H, *dp); X Rl ^= INDIRECT (S3L, *dp STEP); X Rh ^= INDIRECT (S4H, *dp); X Rl ^= INDIRECT (S4L, *dp STEP); X Rh ^= INDIRECT (S5H, *dp); X Rl ^= INDIRECT (S5L, *dp STEP); X Rh ^= INDIRECT (S6H, *dp); X Rl ^= INDIRECT (S6L, *dp STEP); X Rh ^= INDIRECT (S7H, *dp); X Rl ^= INDIRECT (S7L, *dp STEP); X } X X Ll ^= Rl; X Lh ^= Rh; X Rl ^= Ll; X Rh ^= Lh; X Ll ^= Rl; X Lh ^= Rh; X } X X /* X * for reasons that I cannot explain, if I insert the contents of the X * UnXForm function right HERE, making the tweaks as necessary to avoid X * using out96[] to pass data, I LOSE 30% of my speed. I don't know why. X * Hence, I continue to use out96[]... X */ X { X reg sbpb24 *qp; X qp = out96; X *qp++ = Ll; X *qp++ = Lh; X *qp++ = Rl; X *qp++ = Rh; X } X} X Xvoid XUnXForm () X{ X reg sbpb24 Rl; X reg sbpb24 Rh; X reg sbpb24 Ll; X reg sbpb24 Lh; X reg obpb1 *ptr; X reg long int mask; X register long int *lip; X X Ll = SIXBIT_TO_TF (out96[0]); X Lh = SIXBIT_TO_TF (out96[1]); X Rl = SIXBIT_TO_TF (out96[2]); X Rh = SIXBIT_TO_TF (out96[3]); X X#ifdef BUILTIN_CLEAR X lip = (long int *) crypt_block; X for (mask = (sizeof (crypt_block) / sizeof (long int)); mask--; /* - */ ) X { X *(lip++) = 0L; X } X#else /* BUILTIN_CLEAR */ X bzero (crypt_block, 66); X#endif /* BUILTIN_CLEAR */ X X ptr = crypt_block; X mask = 0x000400L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x400000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000400L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x400000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x000200L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x200000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000200L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x200000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x000100L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x100000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000100L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x100000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x000080L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x080000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000080L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x080000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x000010L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x010000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000010L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x010000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x000008L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x008000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000008L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x008000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x000004L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x004000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000004L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x004000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x000002L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x002000L; X if (Rl & mask) X *ptr = 0x01; X ptr++; X if (Ll & mask) X *ptr = 0x01; X ptr++; X mask = 0x000002L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X mask = 0x002000L; X if (Rh & mask) X *ptr = 0x01; X ptr++; X if (Lh & mask) X *ptr = 0x01; X ptr++; X} X Xchar * Xfcrypt (pw, salt) X char *pw; X char *salt; X{ X /* Table lookups for salts reduce fcrypt() overhead dramatically */ X static sbpb24 salt0[] = X { X 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, X 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, X 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, X 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 5, 6, 7, 8, 9, 10, 11, 12, X 13, 14, 15, 16, 17, X X 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, X 32, 33, 34, 35, 36, 37, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, X 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, X 58, 59, 60, 61, 62, 63, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, X 12, 13, 14, 15, 16, 17, X X 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, X 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, X 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, X 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, X X 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, X 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, X 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, X 0, 1, 2, 3, 4 X }; X static sbpb24 salt1[] = X { X 1152, 1216, 1280, 1344, 1408, 1472, 1536, 1600, 1664, X 1728, 1792, 1856, 1920, 1984, 2048, 2112, 2176, 2240, 2304, X 2368, 2432, 2496, 2560, 2624, 2688, 2752, 2816, 2880, 2944, X 3008, 3072, 3136, 3200, 3264, 3328, 3392, 3456, 3520, 3584, X 3648, 3712, 3776, 3840, 3904, 3968, 4032, 0, 64, 128, 192, 256, X 320, 384, 448, 512, 576, 640, 704, 320, 384, 448, 512, 576, 640, X 704, 768, 832, 896, 960, 1024, 1088, X X 1152, 1216, 1280, 1344, 1408, 1472, 1536, 1600, 1664, X 1728, 1792, 1856, 1920, 1984, 2048, 2112, 2176, 2240, 2304, X 2368, 2048, 2112, 2176, 2240, 2304, 2368, 2432, 2496, 2560, X 2624, 2688, 2752, 2816, 2880, 2944, 3008, 3072, 3136, 3200, X 3264, 3328, 3392, 3456, 3520, 3584, 3648, 3712, 3776, 3840, X 3904, 3968, 4032, 0, 64, 128, 192, 256, 320, 384, 448, 512, 576, X 640, 704, 768, 832, 896, 960, 1024, 1088, X X 1152, 1216, 1280, 1344, 1408, 1472, 1536, 1600, 1664, X 1728, 1792, 1856, 1920, 1984, 2048, 2112, 2176, 2240, 2304, X 2368, 2432, 2496, 2560, 2624, 2688, 2752, 2816, 2880, 2944, X 3008, 3072, 3136, 3200, 3264, 3328, 3392, 3456, 3520, 3584, X 3648, 3712, 3776, 3840, 3904, 3968, 4032, 0, 64, 128, 192, 256, X 320, 384, 448, 512, 576, 640, 704, 768, 832, 896, 960, 1024, X 1088, X X 1152, 1216, 1280, 1344, 1408, 1472, 1536, 1600, 1664, X 1728, 1792, 1856, 1920, 1984, 2048, 2112, 2176, 2240, 2304, X 2368, 2432, 2496, 2560, 2624, 2688, 2752, 2816, 2880, 2944, X 3008, 3072, 3136, 3200, 3264, 3328, 3392, 3456, 3520, 3584, X 3648, 3712, 3776, 3840, 3904, 3968, 4032, 0, 64, 128, 192, 256 X }; X X /* final perutation desalting */ X static obpb1 final[] = X { X 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 65, 66, X 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, X 83, 84, 85, 86, 87, 88, 89, 90, 97, 98, 99, 100, 101, 102, 103, X 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, X 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, X 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, X 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, X 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, X 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, X 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, X 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, X 208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, X 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, X 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245, 246, X 247, 248, 249, 250, 251, 252, 253, 254, 255, X /* Truncate overflow bits at 256 */ X 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, X 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, X 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, X 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58 X }; X X reg int i, j, k; X reg long int *lip; X sbpb24 saltvalue; X X#ifdef BUILTIN_CLEAR X lip = (long int *) crypt_block; X for (i = (sizeof (crypt_block) / sizeof (long int)); i--; /* - */ ) X { X *(lip++) = 0L; X } X#else /* BUILTIN_CLEAR */ X bzero (crypt_block, 66); X#endif /* BUILTIN_CLEAR */ X X for (i = 0; (k = *pw) && i < 64; pw++) X { X crypt_block[i++] = (k >> 6) & 01; X crypt_block[i++] = (k >> 5) & 01; X crypt_block[i++] = (k >> 4) & 01; X crypt_block[i++] = (k >> 3) & 01; X crypt_block[i++] = (k >> 2) & 01; X crypt_block[i++] = (k >> 1) & 01; X crypt_block[i++] = (k >> 0) & 01; X i++; /* have to skip one here (parity bit) */ X } X X fsetkey ( /* crypt_block */ ); X X#ifdef BUILTIN_CLEAR X lip = (long int *) crypt_block; X for (i = (sizeof (crypt_block) / sizeof (long int)); i--; /* - */ ) X { X *(lip++) = 0L; X } X#else /* BUILTIN_CLEAR */ X bzero (crypt_block, 66); X#endif /* BUILTIN_CLEAR */ X X iobuf[0] = salt[0]; X iobuf[1] = salt[1]; X X saltvalue = salt0[iobuf[0]] | salt1[iobuf[1]]; X saltvalue = TF_TO_SIXBIT (saltvalue); X X XForm (saltvalue); X UnXForm (); X X for (i = 0; i < 11; i++) X { X k = 0; X X for (j = 0; j < 6; j++) X { X k = (k << 1) | crypt_block[SIX_TIMES (i) + j]; X } X iobuf[i + 2] = final[k]; X } X X iobuf[i + 2] = 0; X X if (iobuf[1] == 0) X { X iobuf[1] = iobuf[0]; X } X return (iobuf); X} X/********* INITIALISATION ROUTINES *********/ X Xfbpb4 XlookupS (tableno, t6bits) X unsl tableno; X sbpb6R t6bits; X{ X static fbpb4R S[8][64] = X { X 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, X 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, X 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, X 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13, X X 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, X 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, X 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, X 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9, X X 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, X 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, X 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, X 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12, X X 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, X 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, X 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, X 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14, X X 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, X 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, X 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, X 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3, X X 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, X 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, X 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, X 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13, X X 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, X 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, X 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, X 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12, X X 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, X 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, X 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, X 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11, X }; X sbpb6 fixed6bits; X fbpb4R r; X fbpb4 fixedr; X X fixed6bits = (((t6bits >> 0) & 01) << 5) + X (((t6bits >> 1) & 01) << 3) + X (((t6bits >> 2) & 01) << 2) + X (((t6bits >> 3) & 01) << 1) + X (((t6bits >> 4) & 01) << 0) + X (((t6bits >> 5) & 01) << 4); X X r = S[tableno][fixed6bits]; X X fixedr = (((r >> 3) & 01) << 0) + X (((r >> 2) & 01) << 1) + X (((r >> 1) & 01) << 2) + X (((r >> 0) & 01) << 3); X X return (fixedr); X} X Xvoid Xinit (tableno, lowptr, highptr) X unsl tableno; X sbpb24 *lowptr, *highptr; X{ X X static unsb P[] = X { X 15, 6, 19, 20, X 28, 11, 27, 16, X 0, 14, 22, 25, X 4, 17, 30, 9, X 1, 7, 23, 13, X 31, 26, 2, 8, X 18, 12, 29, 5, X 21, 10, 3, 24, X }; X X static unsb E[] = X { X 31, 0, 1, 2, 3, 4, X 3, 4, 5, 6, 7, 8, X 7, 8, 9, 10, 11, 12, X 11, 12, 13, 14, 15, 16, X 15, 16, 17, 18, 19, 20, X 19, 20, 21, 22, 23, 24, X 23, 24, 25, 26, 27, 28, X 27, 28, 29, 30, 31, 0, X }; X X static obpb1 tmp32[32]; X static obpb1 tmpP32[32]; X static obpb1 tmpE[48]; X X int j, k, i; X int tablenoX4; X reg sbpb24 spare24; X X tablenoX4 = tableno * 4; X X for (j = 0; j < 64; j++) X { X k = lookupS (tableno, j); X X for (i = 0; i < 32; i++) X { X tmp32[i] = 0; X } X X for (i = 0; i < 4; i++) X { X tmp32[tablenoX4 + i] = (k >> i) & 01; X } X X for (i = 0; i < 32; i++) X { X tmpP32[i] = tmp32[P[i]]; X } X X for (i = 0; i < 48; i++) X { X tmpE[i] = tmpP32[E[i]]; X } X X lowptr[j] = 0L; X highptr[j] = 0L; X X for (i = 0; i < 24; i++) X { X lowptr[j] |= (unsigned long) tmpE[i] << i; X } X X for (k = 0, i = 24; i < 48; i++, k++) X { X highptr[j] |= (unsigned long) tmpE[i] << k; X } X X spare24 = lowptr[j]; /* to allow for macro expansion */ X lowptr[j] = TF_TO_SIXBIT (spare24); X X spare24 = highptr[j]; /* to allow for macro expansion */ X highptr[j] = TF_TO_SIXBIT (spare24); X } X} X X Xint Xinit_des () X{ X init (0L, S0L, S0H); X init (1L, S1L, S1H); X init (2L, S2L, S2H); X init (3L, S3L, S3H); X init (4L, S4L, S4H); X init (5L, S5L, S5H); X init (6L, S6L, S6H); X init (7L, S7L, S7H); X return (0); X} END_OF_FILE if test 24546 -ne `wc -c <'Sources/crack-fcrypt.c'`; then echo shar: \"'Sources/crack-fcrypt.c'\" unpacked with wrong size! fi # end of 'Sources/crack-fcrypt.c' fi echo shar: End of archive 4 $of 5$. cp /dev/null ark4isdone MISSING="" for I in 1 2 3 4 5 ; do if test ! -f ark${I}isdone ; then MISSING="${MISSING} ${I}" fi done if test "${MISSING}" = "" ; then echo You have unpacked all 5 archives. rm -f ark[1-9]isdone else echo You still need to unpack the following archives: echo " " ${MISSING} fi ## End of shell archive. exit 0 exit 0 # Just in case...