uguqulelo olutsha lwenkqubo endala exhasiweyo yokuqikelela igama lokugqitha (iprojekthi iphuhliswa ukususela ngo-1996). Iminyaka eyi-1.8.0 idlulile ukususela ekukhululweni kwenguqulo yangaphambili ye-1-jumbo-4.5, apho utshintsho olungaphezulu kwe-6000 (i-git commits) lwenziwa ngaphezu kwabaphuhlisi be-80. Enkosi Ku , equka ukutshekishwa kokuqala kotshintsho ngalunye (isicelo sokutsalwa) kumaqonga amaninzi, ngeli xesha abaphuhlisi bacetyiswe ukusebenzisa , imeko eyagcinwa izinzile phezu kwazo nje iinguqulelo ezenziweyo. Ikhowudi yeprojekthi ephambili phantsi kwelayisensi ye-GPLv2+, kwaye ikhowudi yamanye amacandelo iphantsi kwelayisensi ye-BSD.
Isici esikhethekileyo senguqu entsha yimbonakalo yenkxaso yeFPGA (ukongeza kwi-CPU, i-GPU kunye ne-Xeon Phi). Kwiibhodi , kubandakanywa iitshiphusi ze-4 FPGA kwaye ekuqaleni zisetyenziselwa i-Bitcoin mining, iintlobo ezi-7 ze-password hashes ngoku ziphunyeziwe: bcrypt, classic descrypt (kubandakanya i-bigcrypt), sha512crypt, sha256crypt, md5crypt (kubandakanya i-Apache apr1 kunye ne-AIX smd5), i-Drupal7 kunye ne-phpass (esetyenzisiweyo , ngakumbi kwi-WordPress). Ezinye zazo ziphunyezwa kwiFPGA okokuqala.
Kwi-bcrypt, ukusebenza okuphunyeziweyo kwe ~ 119k c/s nge-2^5 iterations (β$2b$05β) ngokusebenzisa amandla e-~27 watts ngokuphawulekayo idlula iziphumo ze-GPU zamva nje ngebhodi, ngexabiso le-hardware, kunye ne-watt nganye. . Ikwaxhaswa iibhodi zolu hlobo, oluye lwavavanywa ukuya 16 iibhodi (64 FPGA chips) elawulwa ukusuka enye Raspberry Pi 2. Isiqhelo umsebenzi kaYohane Ripper ixhaswa, kuquka zonke iindlela zokuqikelela igama lokugqitha kunye ukukhuphela ngaxeshanye inani elikhulu leehashi. .
Ukukhawulezisa umsebenzi, siphumeze ukusetyenziswa kwe-mask (i-"-mask" imowudi, kubandakanywa ngokudibanisa nezinye iindlela) kunye nokuthelekisa i-hashes ebalwayo kunye nalabo abalayishwe kwicala le-FPGA. Ukusuka kwimbono yokuphunyezwa, ezininzi zoyilo (umz. ) iibhloko ezibandakanya i-processor cores enemisonto emininzi (ii-soft CPU cores) ezisebenzisana ne-cryptographic cores zisetyenziswa. Ukuphuhliswa kwalo msebenzi kwakukhokelwa nguDenis Burykin ngokubambisana nabanye abaphuhlisi be-jumbo.
Olunye utshintsho olubalulekileyo:
- Inkxaso yenani elikhulu leentlobo ezongezelelweyo ze-hashes, i-ciphers, njl., kuquka zombini i-password hashes yakudala (umzekelo, kwiinguqulelo ezintsha ze-QNX), kunye ne-cryptocurrency wallets, i-archives efihliweyo kunye neenkqubo zefayile ezifihliweyo (umzekelo, i-Bitlocker kunye I-FreeBSD geli), kunye nenkxaso yeentlobo ezintsha zeefomati ezixhaswe ngaphambili (umzekelo, inkxaso eyongeziweyo ye-bcrypt-pbkdf ye-OpenBSD softraid) kunye nokunye okuninzi. Iyonke, iifomathi ze-80 zongezwe kwi-CPU kunye ne-47 kwi-OpenCL. Inani elipheleleyo lefomathi ngoku i-407 kwi-CPU (okanye i-262 ingabandakanyi iifomati "eziguquguqukayo" ezicwangcisiweyo kwiifayile zoqwalaselo) kunye ne-88 kwi-OpenCL.
- Ukwala ukuxhasa ulwimi lweCUDA ngokuthanda i-OpenCL, engaphazamisi ngokupheleleyo ukusetyenziswa kwe-NVIDIA GPUs (kwaye kunceda, enkosi ekugxininiseni uphuhliso kunye nokuphucula ukuphunyezwa kwefomathi nganye ye-GPU endaweni yokuphunyezwa kabini ngaphambili).
- Inkxaso yeeseti zemiyalelo ye-SIMD entsha - i-AVX2, i-AVX-512 (kubandakanywa nesizukulwana sesibini i-Xeon Phi) kunye ne-MIC (yesizukulwana sokuqala) - kunye nokusetyenziswa kwe-SIMD kwindalo yonke ekuphunyezweni kweefomathi ezininzi, kubandakanywa nokusetyenziswa kwe-SIMD. Umyalelo oxhaswe ngaphambili ucwangcisa ukuya kwi-AVX kunye ne-XOP kwi-x86 (-64) kunye
I-NEON, i-ASID kunye ne-AltiVec kwi-ARM, i-Aarch64 kunye neMANDLA, ngokulandelelanayo. - Ukulungiswa okuninzi kwe-CPU kunye ne-OpenCL, zombini ukusebenza ngokufanelekileyo kunye nenani elikhulu leehashi ngaxeshanye (umzekelo, ukulayisha i-320 yezigidi ze-SHA-1 hashes kwi-GPU kwavavanywa), kunye nokunyusa isantya sokubala kwehashi. Olunye kolu lungiso lwendalo yonke, olunye lugubungela iiseti ezahlukeneyo zeefomathi, kwaye uninzi lukhethekileyo kwiifomathi zomntu ngamnye.
- (Okuzenzekelayo-) uqwalaselo lolona thinteliyo lwamagama agqithisiweyo akhangelweyo kwi-CPU (ββtune=auto βverbosity=5β) kunye nobukhulu bobungakanani bomsebenzi kwi-OpenCL (eyenziwe yasebenza ngokwendalo), kuquka ukuthathela ingqalelo irempu ecothayo ukuya kumaza okusebenza apheleleyo. yochungechunge lwe-NVIDIA GTX GPUs 10xx kwaye intsha. Ukusebenzisa iihashes ezilayishiweyo ngokwenene kunye nobude bokwenyani bamagama agqithisiweyo ajongwayo (xa isaziwa kwangaphambili) kulungiso oluzenzekelayo olunjalo.
- Ukongeza umqokeleli we "iintetho eziguquguqukayo" ezicaciswe ngokuthe ngqo kumgca womyalelo nokusetyenziswa kohlobo olutsha lweehashi, umzekelo "-format=dynamic='sha1(md5($p).$s)'", ibalwe kwi-CPU isebenzisa i-SIMD. . Njengamacandelo entetha enjalo, inqwaba yeehashes ezikhawulezayo ziyaxhaswa (ukusuka kwezo ziqhelekileyo njenge-MD5 ukuya kwezingaqhelekanga ngokwemodareyitha ezifana ne-Whirlpool), i-substring concatenation, i-encoding kunye ne-decoding, i-charge case conversion, ireferensi kwi-password, ityuwa, igama lomsebenzisi kunye ne-strings constants.
- Ukuphelisa ukungafani okungafunekiyo kwi-hashcat, kubandakanywa nenkxaso yemithetho ecacileyo ye-hashcat yangaphambili (imiyalelo yemithetho yoluhlu lwamagama), ukutshintshela kwi-OpenCL yenombolo yesixhobo ukusuka kwi-1, ukusetyenziswa okungagqibekanga kobude obufanayo bephasiwedi (ngokuqhelekileyo ubude be-7) kwiimvavanyo zokusebenza.
- Iimowudi ezintsha zokuvelisa ii-passwords ezingqinisisekayo (iindlela zokuqhekeka), kubandakanywa i-PRINCE esuka kwi-hashcat (iifom "amabinzana" ngokudibanisa amagama amaninzi ngokunyuka komyalelo wobude obupheleleyo), ii-subsets (izisa iiphasiwedi ezinenani elingonelanga labalinganiswa abahlukeneyo, nokuba ngaba abalinganiswa beza. ukusuka kwiseti enkulu enokwenzeka) kunye ne-hybrid yangaphandle (ivumela iindlela zangaphandle, ezichazwe kwiifayile zoqwalaselo ngolwimi olufana no-C, ukuvelisa amagama amaninzi ayimfihlo aqinisekisiweyo ngokusekelwe "kwigama" ngalinye elisisiseko elifunyenwe kwenye indlela). Kwakhona, iindlela ezininzi ezintsha ezichazwe kwangaphambili zangaphandle.
- Iimpawu ezongezelelweyo zokusebenzisa iindlela ezininzi ngaxeshanye (enye phezu komnye - ukupakisha), kunye nokusebenzisa iiseti zemithetho (imigaqo yoluhlu lwamagama).
- Uphuculo kwiindlela zemaski (ukuzolula ngokuthe ngcembe imaski kuluhlu oluchaziweyo lobude, ukusetyenziswa kwemaski kwicala lesixhobo se-OpenCL okanye ibhodi yeFPGA) kunye nokuqhekeka okukodwa (ukuziphatha okunengqiqo kwizixhobo ezibala inani elikhulu leehashes ngokunxuseneyo. , apho ngaphambili bekungekho magama agqithisiweyo aneleyo kule modi, kunye nezithintelo ekusebenziseni imemori).
- Uphuculo oluninzi lokuxhasa i-Unicode kunye nezinye iikhowudi kwiinkqubo ezisezantsi ezahlukeneyo.
- Uphuculo oluninzi kwiinkqubo ze-*2john (eziguqula iifayile zeefomati ezahlukeneyo ze
sebenzisa nojohn), ngakumbi i-wpapcap2john (iphatha ukugcwala kwe-WiFi). - Kukho iinketho ezininzi zelayini yomyalelo omtsha, izicwangciso kwi-john.conf, qwalasela iinketho zescript kunye neempawu ezintsha ezihambelanayo, kungekhona zonke ezikhankanywe apha.
- Ukuphucula umgangatho wekhowudi umbulelo kwinkxaso eyakhelwe-ngaphakathi yokwakhiwa kwe-debug nge-AdressSanitizer (ngaphambili) kunye ne-UndefinedBehaviorSanitizer (eyongeziweyo), idibanisa i-fuzzer eyakhelwe-ngaphakathi (njengenxalenye ye-GSoC 2015), usebenzisa ukuhlanganiswa okuqhubekayo (ukwakha ininzi yenkqubo yokusebenza kunye nomqokeleli. ukudityaniswa nokuzivavanya ukufumana inkxaso echanekileyo yazo zonke iifomathi).
umthombo: opennet.ru