inguqulo entsha yohlelo oludala kakhulu lokuqagela iphasiwedi (umklamo ubulokhu uthuthukiswa kusukela ngo-1996). Sekudlule iminyaka engu-1.8.0 kusukela kwakhululwa inguqulo yangaphambilini ethi 1-jumbo-4.5, lapho izinguquko ezingaphezu kuka-6000 (git commits) zenziwe kubathuthukisi abangaphezu kuka-80. Sibonga u , okufaka ukuhlola kokuqala koshintsho ngalunye (isicelo sokudonsa) ezinkundleni eziningi, ngalesi sikhathi onjiniyela batusa ukusetshenziswa , isimo saso esagcinwa sizinzile naphezu kwezinguquko ezenziwe. Ikhodi yephrojekthi eyinhloko ngaphansi kwelayisensi ye-GPLv2+, futhi ikhodi yezinye izingxenye ingaphansi kwelayisensi ye-BSD.
Isici esikhethekile senguqulo entsha ukubonakala kokusekelwa kwe-FPGA (ngaphezu kwe-CPU, i-GPU ne-Xeon Phi). Okwamabhodi , kufaka phakathi ama-chips angu-4 e-FPGA futhi asetshenziselwa ikakhulukazi izimayini ze-Bitcoin, izinhlobo ezingu-7 ze-password hashes manje sezisetshenziswa: i-bcrypt, i-descrypt yakudala (okuhlanganisa i-bigcrypt), i-sha512crypt, sha256crypt, md5crypt (kubandakanya i-Apache apr1 ne-AIX smd5), i-Drupal7 ne-phpass (esetshenzisiwe , ikakhulukazi ku-WordPress). Ezinye zazo zenziwa ku-FPGA okokuqala ngqa.
Nge-bcrypt, ukusebenza okuzuziwe okungu-~119k c/s ngokuphindaphindwa okungu-2^5 (“$2b$05”) ngokusetshenziswa kwamandla okungu-~27 watts kudlula kakhulu imiphumela yama-GPU akamuva ebhodini ngalinye, inani lezingxenyekazi zekhompuyutha ngayinye, kanye newatt ngayinye. . Futhi isekelwe zamabhodi alolu hlobo, ahlolwe afinyelela kumabhodi ayi-16 (ama-64 FPGA chips) alawulwa kusukela ku-Raspberry Pi 2 eyodwa. Umsebenzi ojwayelekile ka-John the Ripper uyasekelwa, okuhlanganisa zonke izindlela zokuqagela iphasiwedi kanye nokulandwa ngesikhathi esisodwa kwenani elikhulu lama-hashe .
Ukusheshisa umsebenzi, sisebenzise ukusetshenziswa kwe-mask (imodi ethi “-mask”, okuhlanganisa nokuhlanganiswa nezinye izindlela) nokuqhathanisa ama-hashes abaliwe nalawo alayishwe ohlangothini lwe-FPGA. Ngokombono wokusebenzisa, imiklamo eminingi (isb. ) amabhulokhi ahlanganisa ama-processor cores anemicu eminingi (ama-soft CPU cores) asebenzisana nama-cryptographic cores asetshenziswa. Ukuthuthukiswa kwalokhu kusebenza kwaholwa nguDenis Burykin ngokubambisana nabanye abathuthukisi be-jumbo.
Ezinye izinguquko ezibalulekile:
- Ukusekelwa kwenani elikhulu lezinhlobo ezengeziwe zama-hashes, ama-ciphers, njll., kufaka phakathi kokubili ama-hashi ephasiwedi yakudala (isibonelo, kusukela ezinguqulweni ezintsha ze-QNX), kanye nezikhwama zemali ye-cryptocurrency, izingobo zomlando ezibethelwe kanye nezinhlelo zefayela ezibethelwe (isibonelo, i-Bitlocker kanye I-FreeBSD geli), kanye nokusekelwa kwezinhlobo ezintsha zamafomethi asekelwa ngaphambilini (ngokwesibonelo, ukwesekwa okwengeziwe kwe-bcrypt-pbkdf ye-OpenBSD softraid) nokunye okuningi. Sekukonke, amafomethi angama-80 engeziwe ku-CPU nangama-47 ku-OpenCL. Isamba senani lamafomethi manje sekungu-407 ku-CPU (noma angu-262 angafaki amafomethi "ashukumisayo" alungiselelwe ukusuka kumafayela okumisa) kanye nama-88 ku-OpenCL.
- Ukwenqaba ukusekela ulimi lwe-CUDA ngokuvuna i-OpenCL, engaphazamisi nakancane ukusetshenziswa okugcwele kwe-NVIDIA GPUs (futhi kusize ngisho, ngenxa yokugxila ekuthuthukisweni nasekusetshenzisweni kahle ekusetshenzisweni okukodwa kwefomethi ngayinye ye-GPU esikhundleni sokusetshenziswa okubili ngaphambilini).
- Ukusekelwa kwamasethi amasha emiyalo ye-SIMD - AVX2, AVX-512 (kubandakanya eyesizukulwane sesibili i-Xeon Phi) ne-MIC (yesizukulwane sokuqala) - kanye nokusetshenziswa kwendawo yonke nokuphelele kwe-SIMD ekusetshenzisweni kwamafomethi amaningi, okuhlanganisa ukusetshenziswa kwe imiyalelo eyasekelwa ngaphambilini isetha ku-AVX ne-XOP ku-x86(-64) kanye
I-NEON, i-ASID ne-AltiVec ku-ARM, i-Aarch64 kanye ne-POWER, ngokulandelana. - Ukulungiselelwa okuningi kwe-CPU ne-OpenCL, kokubili ukusebenza ngempumelelo nenani elikhulu lama-hashe ngesikhathi esisodwa (isibonelo, ukulayisha ama-hashes e-SHA-320 ayizigidi ezingu-1 ku-GPU kwahlolwa), kanye nokwandisa isivinini sokubala hashi. Okunye kwalokhu kulungiselelwa kutholakala endaweni yonke, okunye kuhlanganisa amafomethi angaphansi ahlukene, futhi amaningi aqondene namafomethi angawodwana.
- (Okuzenzakalelayo-)ukulungiselelwa kokugcina kumthamo okuphelele kwamagama ayimfihlo ahloliwe ku-CPU (“—tune=auto —verbosity=5”) kanye nosayizi abalungile bemisebenzi ku-OpenCL (enikwe amandla ngokuzenzakalela), okuhlanganisa ukucabangela irempu ehamba kancane efika kubuningi bokusebenza obugcwele. yochungechunge lwe-NVIDIA GTX GPUs 10xx nakamuva. Ukusebenzisa ama-hashes alayishiwe ngempela kanye nobude bangempela bamagama-mfihlo ahlolwayo (uma aziwa kusengaphambili) ekulungiseni okunjalo okuzenzakalelayo.
- Ukwengeza isihlanganisi "sezinkulumo eziguqukayo" ezicaciswe ngokuqondile emugqeni womyalo nokusebenzisa izinhlobo ezintsha ze-hybrid hashi, isibonelo "-format=dynamic='sha1(md5($p).$s)'", ebalwa ku-CPU kusetshenziswa i-SIMD. . Njengezingxenye zalezo zinkulumo, inqwaba yama-hashe asheshayo asekelwayo (kusuka kwavamile njenge-MD5 kuya kwezingajwayelekile ngokumaphakathi njenge-Whirlpool), ukuhlanganisa kochungechunge oluncane, ukubhala ngekhodi nokuqopha, ukuguqulwa kwezinhlamvu zezinhlamvu, izinkomba zephasiwedi, usawoti, igama lomsebenzisi neyunithi yezinhlamvu ezingaguquki.
- Ukuqedwa komehluko ongadingeki kuma-hashcat, okuhlanganisa ukusekelwa kwemithetho eqondene ne-hashcat yangaphambilini (imiyalo yemithetho yohlu lwamagama), ukushintshela kunombolo yedivayisi ye-OpenCL isuka ku-1, ukusetshenziswa okuzenzakalelayo kobude obufanayo bephasiwedi (imvamisa ubude obungu-7) ukuze kuhlolwe ukusebenza.
- Izindlela ezintsha zokukhiqiza amagama ayimfihlo aqinisekisekayo (izindlela zokuqhekeka), okuhlanganisa i-PRINCE evela ku-hashcat (amafomu “imishwana” ngokuhlanganisa amagama amaningana ngokwandisa ukuhleleka kobude obuphelele), amasethi amancane (aletha amaphasiwedi anenombolo enganele yezinhlamvu ezihlukene, noma ngabe lezi zinhlamvu ziza kusukela kusethi enkulu yalezo ezingase zibe khona) kanye nenhlanganisela yangaphandle (ivumela izindlela zangaphandle, ezichazwe kumafayela okumisa ngolimi olufana no-C, ukuze kukhiqizwe amagama ayimfihlo amaningi angaqinisekiswa ngokusekelwe “kwigama” ngalinye eliyisisekelo elitholwa kwenye imodi). Futhi, izindlela zangaphandle ezimbalwa ezichazwe ngaphambilini.
- Izici ezengeziwe zokusebenzisa izindlela eziningana ngesikhathi esisodwa (enye phezu kwesinye - ukupakisha), kanye nokusebenzisa amasethi wemithetho (ukupakisha kwemithetho yohlu lwamagama).
- Ukuthuthukiswa kwezindlela zemaski (ukunwetshwa kancane kancane kwemaski ebangeni elithile lobude, ukusetshenziswa kwe-mask ohlangothini lwedivayisi ye-OpenCL noma ibhodi le-FPGA) kanye nokuqhekeka okukodwa (ukuziphatha okunengqondo kumadivayisi abala inani elikhulu lama-hashe ngokuhambisana. , ngaphambilini abengekho amagama ayimfihlo anele okuqinisekisa kule modi, kanye nemikhawulo ekusetshenzisweni kwememori).
- Ukuthuthukiswa okuningi kokusekela i-Unicode nokunye ukubhala ngekhodi kumasistimu angaphansi ahlukahlukene.
- Ukuthuthukiswa okuningi ezinhlelweni ze-*2john (eziguqulela amafayela amafomethi ahlukene
sebenzisa nojohn), ikakhulukazi i-wpapcap2john (iphatha ithrafikhi ye-WiFi). - Kunezinketho eziningi zomugqa womyalo omusha, izilungiselelo ku-john.conf, lungiselela izinketho zeskripthi nezici ezintsha ezihambisanayo, akuzona zonke ezishiwo lapha.
- Ukuthuthukisa ikhwalithi yekhodi sibonga usekelo olwakhelwe ngaphakathi lokulungisa iphutha nge-AddressSanitizer (ngaphambilini) kanye ne-UndefinedBehaviorSanitizer (ingeziwe), kwengeza i-fuzzer yefomethi eyakhelwe ngaphakathi (njengengxenye ye-GSoC 2015), kusetshenziswa ukuhlanganiswa okuqhubekayo (kwakhela inqwaba yesistimu yokusebenza kanye nomhlanganisi. inhlanganisela nokuyihlola ukuthola ukwesekwa okufanele kwawo wonke amafomethi).
Source: opennet.ru