Published on June 24th, 2011 | by NJ Ouchn0
John The Ripper 1.7.8 released
John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of “native” packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.
- The bitslice DES S-box expressions have been replaced with those generated by Roman Rusakov specifically for John the Ripper. The corresponding assembly
code for x86 with MMX, SSE2, and for x86-64 with SSE2 has been re-generated. For other CPUs and for AVX/XOP, C compilers do a reasonably good job of generating the code from the supplied C source files (with intrinsics where relevant). The S-box expressions that we were using before had a 21% larger gate count, so theoretically this could provide a 21% speedup. In practice, though, a 12% to 14% speedup at DES-based crypt(3) hashes is typical. This effort has been sponsored by Rapid7
- Corrected support for bcrypt (OpenBSD Blowfish) hashes of passwords containing non-ASCII characters (that is, characters with the 8th bit set). Added support for such hashes produced by crypt_blowfish up to 1.0.4, which contained a sign extension bug (inherited from older versions of John). The old buggy behavior may be enabled per-hash, using the “$2x$” prefix.
- The external mode virtual machine’s performance has been improved through additional multi-op instructions matching common instruction sequences
(assign-pop and some triple- and quad-push VM instructions were added).
- A few minor bug fixes and enhancements were made.