diff --git a/bin/i3lock.sh b/bin/i3lock.sh index 448ec2b..12d355e 100755 --- a/bin/i3lock.sh +++ b/bin/i3lock.sh @@ -1,6 +1,7 @@ #!/bin/sh LOCKER="i3lock -c 000000" -/usr/bin/xss-lock -- "${LOCKER}" & +# intentionally want word splitting below +/usr/bin/xss-lock -- ${LOCKER} & exec /usr/bin/xautolock \ -time 5 \ -detectsleep \ diff --git a/dotfiles/config/i3/config b/dotfiles/config/i3/config index 116a885..c0cffd0 100644 --- a/dotfiles/config/i3/config +++ b/dotfiles/config/i3/config @@ -130,10 +130,11 @@ bindsym $alt+Control+Left workspace prev # i3 lock exec --no-startup-id ~/bin/i3lock.sh & +exec --no-startup-id xset dpms 600 bindsym $mod+l exec \ - bash -c "i3lock -c 000000 -d && (sleep 2 && xset dpms force off) &" + bash -c "i3lock -c 000000 && (sleep 2 && xset dpms force off) &" bindsym $alt+Control+l exec \ - bash -c "i3lock -c 000000 -d && (sleep 2 && xset dpms force off) &" + bash -c "i3lock -c 000000 && (sleep 2 && xset dpms force off) &" # things to start quickly bindsym $mod+g exec /usr/bin/google-chrome-beta --password-store=gnome @@ -169,14 +170,14 @@ bindsym --release $alt+Sys_Req exec --no-startup-id \ /usr/bin/scrot -s $screendir/$scrotformat # useful utilities -exec --no-startup-id \ - (which xss-lock >/dev/null || /usr/bin/cinnamon-settings-daemon) & +#exec --no-startup-id \ +# (which xss-lock >/dev/null || /usr/bin/cinnamon-settings-daemon) & exec --no-startup-id gnome-keyring-daemon --start --components=pkcs11,secrets # Make GTK fonts look great again -exec --no-startup-id gnome-settings-daemon -exec --no-startup-id (sleep 2; nm-applet) & +#exec --no-startup-id gnome-settings-daemon +#exec --no-startup-id (sleep 2; nm-applet) & exec --no-startup-id xset r rate 200 20 -exec --no-startup-id ~/bin/autostart.py +#exec --no-startup-id ~/bin/autostart.py exec --no-startup-id dex --autostart --environment x-cinnamon # customize windows diff --git a/dotfiles/env b/dotfiles/env index 5728691..ed31361 100755 --- a/dotfiles/env +++ b/dotfiles/env @@ -47,7 +47,7 @@ export GPG_ID=7FD58D9A196DCEEEAD671F94F4D7A7915DEA789B # Setup locale if test -x /usr/bin/locale ; then - for l in en_US.UTF-8 C.UTF-8 C ; do + for l in en_US.utf8 C.UTF-8 C ; do if /usr/bin/locale -a | grep -q "${l}" ; then export LC_CTYPE=${l} export LC_NUMERIC=${l} diff --git a/dotfiles/john/john.conf b/dotfiles/john/john.conf index 75d54fc..a098db4 100644 --- a/dotfiles/john/john.conf +++ b/dotfiles/john/john.conf @@ -1,6 +1,6 @@ # # This file is part of John the Ripper password cracker, -# Copyright (c) 1996-2006,2008-2013 by Solar Designer +# Copyright (c) 1996-2006,2008-2013,2019 by Solar Designer # # Redistribution and use in source and binary forms, with or without # modification, are permitted. @@ -42,18 +42,29 @@ SingleRules = Single # Default batch mode Wordlist rules BatchModeWordlistRules = Wordlist -# Default wordlist mode rules when not in batch mode (if any) -# If this is set and you want to run once without rules, use --rules:none -#WordlistRules = Wordlist +# Default wordlist mode rules when not in batch mode (if any). If this is +# changed from an 'empty list' to have default rules applied, and you later +# DO want to perform a run once without rules, use --rules:none on the +# command line. The default is 'empty' or NO rules run at all. +WordlistRules = # Default loopback mode rules (if any) # If this is set and you want to run once without rules, use --rules:none LoopbackRules = Loopback +# Max. number of times to warn about crypting suboptimally small batches, +# before suppressing the warnings. +MaxKPCWarnings = 10 + +# If set to true, relax the KPC warning checks and only warn for really +# bad situations (the fewer salts, the more slack). +RelaxKPCWarningCheck = N + # Default/batch mode Incremental mode # Warning: changing these might currently break resume on existing sessions +# one option frequently changed (with above caveat) is setting DefaultIncrementalUTF8 = UTF8 DefaultIncremental = ASCII -#DefaultIncrementalUTF8 = UTF8 +DefaultIncrementalUTF8 = ASCII DefaultIncrementalLM = LM_ASCII # Time formatting string used in status ETA. @@ -77,32 +88,59 @@ TimeFormat24 = %H:%M:%S # strftime for more information: # http://en.cppreference.com/w/c/chrono/strftime # +# examples: # 2016-02-20T22:35:38+01:00 would be %Y-%m-%dT%H:%M:%S%z # Feb 20 22:35:38 would be %b %d %H:%M:%S -#LogDateFormat = %Y-%m-%dT%H:%M:%S%z +LogDateFormat = # if log date is being used, the time will default to local -# time. But if the next line is uncommented, it will output +# time. But if the next line is changed to 'Y', date output # in UTC. Note, if LogDateFormat is not set, this option -# does nothing. -#LogDateFormatUTC = Y +# is ignored. +LogDateFormatUTC = N # if logging to stderr (--log-stderr command line switch used), # then use date format when outputting to the stderr. -#LogDateStderrFormat = %b %d %H:%M:%S +# +# example +# Feb 20 22:35:38 would be %b %d %H:%M:%S +LogDateStderrFormat = + +# If this is given, it will be printed in the end on any cracked password +# output. In case some 8-bit passwords upset your terminal, putting an +# ANSI "SGR Reset/Normal" here might be a cure. Any "^" characters will be +# parsed as ESC for use in ANSI codes (like in the default) +TerminalReset = ^[0m + +# This can be used to colorize (on screen) or otherwise emphasize (in log +# files) output whenever a supposed administrator password gets cracked. +# +# Set this to N or comment it out to disable all "MarkAdmin" stuff. +MarkAdminCracks = Y + +# If MarkAdminCracks = Y above, the below will be used (if defined) for +# terminal output. The default is to change color to red before the username +# and reset to normal after it. Any "^" characters will be parsed as ESC for +# use in ANSI codes (like in the defaults) +MarkAdminStart = ^[31m +MarkAdminEnd = ^[0m + +# If MarkAdminCracks = Y above, the below will be used (if defined) for logs. +# This literal string will be printed after the " + Cracked: root" line. +MarkAdminString = (ADMIN ACCOUNT) # Permissions to set for session.log file # Default is 0600 -#LogFilePermissions = 0600 +LogFilePermissions = 0600 # Permissions to set for POT file # Default is 0600 -#PotFilePermissions = 0600 +PotFilePermissions = 0600 # John exits if another user owns log or pot file because CHMOD fails, # If this is set John prints a warning and continues # Default is N -#IgnoreChmodErrors = N +IgnoreChmodErrors = N # This figure is in MB. The default is to memory map wordlists not larger # than one terabyte. @@ -113,10 +151,13 @@ WordlistMemoryMapMaxSize = 1048576 # additional candidate. Normal behavior is to only load individual words # from that field. Enabling this can help when this field contains email # addresses or other strings that are better used unsplit, but it increases -# the number of words tried so it may also slow things down. If enabling this -# you might want to bump SingleWordsPairMax too, below, to 10 or more. +# the number of words tried so it may also slow things down. PristineGecos = N +# Add an extra pass when loading Single words, that tries to parse things +# like JEdgarHoover to J Edgar Hoover and so on. +JumboSingleWords = N + # For single mode, ignore the login field. # Normal behavior is to use the login field for single mode. # Skipping the login field should only be enabled if previous single mode @@ -127,13 +168,28 @@ SingleSkipLogin = N # Over-ride SINGLE_WORDS_PAIR_MAX in params.h. This may slow down Single mode # but it may also help cracking a few more candidates. Default in core John -# is 4 while the Jumbo default is 6. This limit is also automatically bumped +# is 4 while the Jumbo default is 6. This limit is automagically increased # by word seed options --single-seed and/or --single-wordlist if needed. SingleWordsPairMax = 6 -# Un-commenting this stops Single mode from re-testing guessed plaintexts +# Setting this to false stops Single mode from re-testing guessed plaintexts # with all other salts. -#SingleRetestGuessed = N +SingleRetestGuessed = Y + +# Max recursion depth for SingleRetestGuessed, so we don't blow the stack +SingleMaxRecursionDepth = 10000 + +# Set the maximum word buffer size used by Single mode. The default is +# 4 GB. If running fork this is the *total* used by a session (size is +# divided by number of forks). If running MPI, we try to determine the +# number of local processes on each node and divide it accordingly. +SingleMaxBufferSize = 4 + +# When running single mode with a GPU or accelerator, we prioritize speed +# (saturating buffers) over resume ability: When resuming such a session +# it may take longer to catch up. Set this option to Y to prioritize +# resuming instead, at the cost of max. speed. +SinglePrioResume = N # Protect the restore files (*.rec) from being overwritten. The default # mode is "Disabled". This mode will provide no protection, but has been @@ -143,7 +199,7 @@ SingleWordsPairMax = 6 # with a --session=xxxx will be protected from being overwritten. If # the option is set to "Always", then all .rec files will be kept from # being overwritten, even ${JOHN}/john.rec file -#SessionFileProtect = Named +SessionFileProtect = Disabled # Protect the log files (*.log) from being reused by new sessons. # The default mode is "Disabled". That means, a nee session will just append @@ -156,7 +212,7 @@ SingleWordsPairMax = 6 # existing log file.) # Unless you use the --nolog option, setting LogFileProtect will also # prevent overwriting existing session files. -#LogFileProtect = Named +LogFileProtect = Disabled # Emit a status line whenever a password is cracked (this is the same as # passing the --crack-status option flag to john). NOTE: if this is set @@ -192,10 +248,10 @@ DefaultMSCodepage = CP850 # legacy codepage that has as much support for the input data as possible, # e.g., for "Latin-1" language passwords you can use ISO-8859-1, CP850 or # CP1252 and it will hardly make any difference but in some cases, ISO-8859-1 -# is faster. Using "UTF-8" (which is not a legacy codepage!) will disable. +# is fastest. Using "UTF-8" (which is not a legacy codepage!) will disable. # # The default is to NOT use any internal codepage. -#DefaultInternalCodepage = ISO-8859-1 +DefaultInternalCodepage = # Warn if seeing UTF-8 when expecting some other encoding, or vice versa. # This is disabled for ASCII or RAW encodings, for performance. @@ -279,24 +335,6 @@ AbortGraceTime = 30 # This may produce some false positives if enabled, at least for SAP-B. SAPhalfHashes = N -# This allows you to list a few words/names that will be used by single mode -# as if they were included in every GECOS field. Use sparingly! Please note -# that the example words are commented out, so the list is empty! -[List.Single:SeedWords] -#Pass -#Secret -#Test - -# This allows you to read extra pot files when loading hashes. Nothing will -# ever be written to these files, they are just read. Any directory in this -# list will be traversed and files in it with an extension of .pot will be -# read. However there will NOT be any recursion down further directory levels. -# Any entries that don't exist will be silently ignored. -[List.Extra:Potfiles] -#somefile.pot -#somedirectory -#$JOHN/my.pot - [Options:CPUtune] # If preset is given, use it and skip autotune (NOTE: non-intel archs will # currently ignore this option and always autotune) @@ -319,14 +357,8 @@ MPIOMPmutex = Y # or when running OMP and MPI at the same time MPIOMPverbose = Y - -# These formats are disabled from all-formats --test runs, or auto-selection -# of format from an input file. Even when disabled, you can use them as long -# as you spell them out with the --format option. Or you can delete a line, -# comment it out, or change to 'N' -[Disabled:Formats] -#formatname = Y -.include '$JOHN/dynamic_disabled.conf' +# Assume all MPI nodes are homogenous; Enforce same OpenCL workgroup sizes. +MPIAllGPUsSame = N # Options that may affect both GPUs and other accelerators (eg. FPGA) [Options:GPU] @@ -338,73 +370,26 @@ TempStatus = Y UtilStatus = N FanStatus = N -# Abort session if GPU hits this temperature (in C) +# Abort the process or sleep for a while if a GPU hits this temperature (in C) AbortTemperature = 95 - -# ZTEX specific settings -[ZTEX:descrypt] -# The design has two programmable clocks. The 1st one is supplied to -# pipelines of DES rounds, the 2nd clock is supplied to comparators. -# Startup frequencies are 220,160. -#Frequency = 220,160 - -[ZTEX:bcrypt] -# Define typical setting of hashes it's going to process. It allows -# to adjust for best performance. -TargetSetting = 6 -# Startup frequency for bcrypt-ztex is 140. Design tools guaranteed -# 141.5 in worst-case temperature and voltage. -Frequency = 141 -# It's possible to set frequency on per-board and per-fpga basis. -#Frequency_04A36E0FD6 = 142 -#Frequency_04A36E0FD6_0 = 143 -#Frequency_04A36E0FD6_3 = 144 - -[ZTEX:sha512crypt] -#TargetRounds = 5000 -# Design tools reported possible frequency to be 215 MHz. -# We never encountered a board where this worked anywhere close -# to such high frequency. Default frequency is set to 160 MHz. -# Some lucky boards might run at some higher frequency. -Frequency = 160 -#Config1 = \x00\x00 - -[ZTEX:Drupal7] -#TargetRounds = 16384 -# Drupal7 uses same bitstream as sha512crypt, see comment regarding -# default frequency in sha512crypt section. -#Frequency = 160 -# Some bitstreams accept runtime configuration. -# In sha512crypt/Drupal7, configuration is 2 bytes. That's interpreted -# as a bitmask. By setting any of the lowest 10 bits to 1 it turns off -# corresponding unit (there are 10 units in the bitstream). -# This turns off units 0 and 1. -#Config1 = \x03\x00 -# This turns off all 10 units (resulting in a timeout). -#Config1_04A36E0FD6_0 = \xff\x03 - -[ZTEX:sha256crypt] -# Design tools reported possible frequency is 166.3 but tested boards -# miss guesses, often fail unless frequency is decreased. -#Frequency = 165 -Frequency = 135 -#TargetRounds = 1000000 - -# md5crypt and phpass use same bitstream. Design tools reported -# possible frequency is 202 MHz. Tested boards run OK at 180 MHz. -[ZTEX:md5crypt] -Frequency = 180 - -[ZTEX:phpass] -Frequency = 180 -#TargetRounds = 2048 +# Instead of aborting, sleep for this many seconds to cool the GPU down when +# the temperature hits the AbortTemperature value, then re-test the temperature +# and either wake up or go to sleep again. Set this to 0 to actually abort. +# Suppress repeated sleep/wakeup messages when SleepOnTemperature = 1, which we +# interpret as intent to keep the GPU temperature around the limit. +SleepOnTemperature = 1 [Options:OpenCL] -# Set default OpenCL device. Command line option will override this. +# Set default OpenCL device(s). Command line option will override this. # If not set, we will search for a GPU or fall-back to the most -# powerful device. -#Device = 0 +# powerful device. Syntax is same as --device option. +Device = + +# If set to true, store LWS and GWS in session file for later resume. +# Note that when resuming, this option is ignored: If the session file +# was written with this option set, it will still be used. +ResumeWS = N # Global max. single kernel invocation duration, in ms. Setting this low # (eg. 10-100 ms) gives you a better responding desktop but lower performance. @@ -412,7 +397,7 @@ Frequency = 180 # may lag. Really high values may trip watchdogs (eg. 5 seconds). Some versions # of AMD Catalyst may hang if you go above 200 ms, and in general any good # kernel will perform optimally at 100-200 ms anyway. -#Global_MaxDuration = 200 +Global_MaxDuration = # Some formats vectorize their kernels in case the device says it's a good # idea. Some devices give "improper" hints which means we vectorize but get @@ -420,7 +405,7 @@ Frequency = 180 # will disable vectorizing globally. # With this set to N (or commented out) you can force it per session with # the --force-scalar command-line option instead. -#ForceScalar = Y +ForceScalar = N # Global build options. Format-specific build options below may be # concatenated to this. @@ -432,7 +417,6 @@ GlobalBuildOpts = -cl-mad-enable # Any other value (eg. 64) will be taken verbatim. AutotuneLWS = 1 - # Format-specific settings: # Uncomment the below for nvidia sm_30 and beyond. @@ -482,11 +466,115 @@ sha512crypt_Bonaire = -DUNROLL_LOOP=132104 # S -> supported # T -> not recommended: really bad software. I mean "trash". +# ZTEX specific settings +[List.ZTEX:Devices] +# If you list Serial Numbers (SN) of ZTEX boards here, it will display +# numbers (starting from 1) instead of factory programmed SN's. +# These numbers can be used in --dev command-line option. +#04A36E0000 +#04A36D0000 + +[ZTEX:descrypt] +# The design has programmable clock. Design tools reported possible +# frequency to be 221 MHz. Tested boards work reliably at 190. +Frequency = 190 + +[ZTEX:bcrypt] +# Define typical setting of hashes it's going to process. It allows +# to adjust for best performance. +TargetSetting = 5 +# Design tools reported possible frequency to be 141.5 MHz. +# Tested boards work reliably at 150, so that's what we use by default. +Frequency = 150 +# For any algorithm it's possible to set frequency on per-board and +# per-FPGA basis, but the lowest frequency will determine performance. +#Frequency_04A36E0FD6 = 142 +#Frequency_04A36E0FD6_1 = 143 +#Frequency_04A36E0FD6_4 = 144 + +[ZTEX:sha512crypt] +#TargetRounds = 5000 +# Design tools reported possible frequency to be 215 MHz. +# We never encountered a board where this worked anywhere close +# to such high frequency. Default frequency is set to 160 MHz. +# Some lucky boards might run at some higher frequency. +Frequency = 160 +#Config1 = \x00\x00 + +[ZTEX:Drupal7] +#TargetRounds = 16384 +# Drupal7 uses same bitstream as sha512crypt, see comment regarding +# default frequency in sha512crypt section. +#Frequency = 160 +# Some bitstreams accept runtime configuration. +# In sha512crypt/Drupal7, configuration is 2 bytes. That's interpreted +# as a bitmask. By setting any of the lowest 10 bits to 1 it turns off +# corresponding unit (there are 10 units in the bitstream). +# This turns off units 0 and 1. +#Config1 = \x03\x00 +# This turns off all 10 units (resulting in a timeout). +#Config1_04A36E0FD6_0 = \xff\x03 + +[ZTEX:sha256crypt] +# Design tools reported possible frequency is 241 MHz but tested boards +# miss guesses, often fail unless frequency is decreased. +# Tested boards work reliably at 175. +Frequency = 175 +#TargetRounds = 500000 + +# md5crypt and phpass use same bitstream. Design tools reported +# possible frequency is 202 MHz. Tested boards run OK at 180 MHz. +[ZTEX:md5crypt] +Frequency = 180 + +[ZTEX:phpass] +Frequency = 180 +#TargetRounds = 2048 + +# These formats are disabled from all-formats --test runs, or auto-selection +# of format from an input file. Even when disabled, you can use them as long +# as you spell them out with the --format option. Or you can delete a line, +# comment it out, or change to 'N' +[Disabled:Formats] +#formatname = Y +.include '$JOHN/dynamic_disabled.conf' + +[Formats:7z] +# With this enabled, the 7z formats check padding after AES decryption which +# more or less guarantees we don't get any false positives, and also makes +# the formats faster (in some cases a LOT faster). We've had one (1) report +# of getting a false negative having this enabled though, so if you fail to +# crack some archive you may want to disable this and re-try all attacks. +TrustPadding = Y + +# This allows you to list a few words/names that will be used by single mode +# as if they were included in every GECOS field. Use sparingly! Please note +# that the example words are commented out, so the list is empty! +[List.Single:SeedWords] +#Pass +#Secret +#Test + +# This allows you to read extra pot files when loading hashes. Nothing will +# ever be written to these files, they are just read. Any directory in this +# list will be traversed and files in it with an extension of .pot will be +# read. However there will NOT be any recursion down further directory levels. +# Any entries that don't exist will be silently ignored. +[List.Extra:Potfiles] +#somefile.pot +#somedirectory +#$JOHN/my.pot + +[Debug] +# Changing this to Yes will enable legacy-style benchmarks, for comparisons +Benchmarks_1_8 = N +# Changing this to Yes will test salted formats as one/many salts, for debug +BenchmarkMany = N + [PRINCE] # Default wordlist file name. Will fall back to standard wordlist if not # defined. -#Wordlist = $JOHN/password.lst - +Wordlist = # Markov modes, see ../doc/MARKOV for more information [Markov:Default] @@ -549,13 +637,41 @@ DefaultHybridMask = ?w?d?d?d?d 8 = 9 = +[Subsets] +# When iterating over length, emit a status line after each length is done +LengthIterStatus = Y + +# Min/Max number of unique characters. MaxDiff can't be set larger than 16. +MinDiff = 1 +MaxDiff = 7 + +# Default charset, either a literal string or a single-digit number pointing +# to one of the sets below. If not defined, all printable ASCII is used. +DefaultCharset = + +# Subsets mode charsets 0-9. These are literal strings. TAB and space +# characters can be used as long as they do not come first or last. The only +# "magic" used here is \U+HHHH or \U+HHHHH for any Unicode character (except +# the very highest private area that has six hex digits). For example, you +# could say \U+1F600 for a "Grinning Face". +0 = 0123456789abcdef +1 = ABCDEF0123456789 +2 = 0123456789abcdefghijklmnopqrstuvwxyzàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿABCDEFGHIJKLMNOPQRSTUVWXYZÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞß !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ +3 = 0123456789άέήίαβγδεζηθικλμνξοπρςστυφχψωϊϋόύώΆΈΉΊΌΎΏΑΒΓΔΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΩΪΫ !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ +4 = 0123456789абвгдежзийклмнопрстуфхцчшщъыьэюяёЁАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯ№ !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ +5 = +6 = +7 = +8 = +9 = + +[Regen_Salts_UserClasses] # These are user defined character sets. Their purpose is to allow custom salt # values to be used within the salt_regen logic. These will be the characters # to use for this character within the salt. So if we had a salt that was 4 # characters, and 0-9a-m, we can easily do this by 0 = [0-9a-m]. If this is # used, the regen salt value would be ?0?0?0?0 and salts such as a47m 2kd5 # would be valid. -[Regen_Salts_UserClasses] 1 = [1-9] # A "no rules" rule for eg. super-fast Single mode (use with --single=none) @@ -575,20 +691,20 @@ DefaultHybridMask = ?w?d?d?d?d # These are currently Jumbo-specific. [List.Rules:JumboSingle] /?d @?d >4 -/?d @?d M @?A Q >4 -/?d @?d >4 M [lc] Q -/?d @?d M @?A Q >4 M [lc] Q +/?d @?d M @?A >4 Q +-c /?d @?d >4 M [lc] Q +-c /?d @?d M @?A >4 Q M [lc] Q @?D Q >4 /?d @?d >3 <* $[0-9] Q -/?d @?d M >3 <* [lc] Q $[0-9] Q -/?d @?d >3 <- Az"12" Q -/?d @?d M >3 <- [lc] Q Az"12" -/?d @?d >3 Az"123" Q <+ -/?d @?d M >3 [lc] Q Az"123" <+ -/?d @?d >2 d Q <+ -/?d @?d >2 M [lc] Q d<+ -(?a )?d /?d 'p Xpz0 -)?a (?d /?a 'p Xpz0 +-c /?d @?d >3 <* M [lc] Q $[0-9] +/?d @?d >3 <- Az"12" <+ Q +-c /?d @?d >3 <- M [lc] Q Az"12" <+ +/?d @?d >3 Az"123" <+ Q +-c /?d @?d >3 M [lc] Q Az"123" <+ +/?d @?d >2 al d +-c /?d @?d >2 al M [lc] Q d +(?a )?d /?d a0 'p Xpz0 +)?a (?d /?a a0 'p Xpz0 # "Single crack" mode rules @@ -663,7 +779,7 @@ r c # mary -> marie -[:c] <* (?\p1[za] \p1[lc] )y omi $e # marie -> mary --[:c] <* (?\p1[za] \p1[lc] )e \] )i val1 oay +-[:c] (?\p1[za] \p1[lc] )e \] <+ )i val1 oay # The following are some 3l33t rules -[:c] l /[aelos] s\0\p[4310$] (?\p1[za] \p1[:c] -[:c] l /a /[elos] sa4 s\0\p[310$] (?\p1[za] \p1[:c] @@ -844,24 +960,65 @@ l Az"[1-90][0-9][0-9]" <+ -s-c x** M l Q # Case toggler for cracking MD4-based NTLM hashes (with the contributed patch) -# given already cracked DES-based LM hashes. -# Use --rules=NT to use this +# given already cracked DES-based LM hashes. Use --rules=NT to use this. [List.Rules:NT] : -c T0Q --c T1QT[z0] --c T2QT[z0]T[z1] --c T3QT[z0]T[z1]T[z2] --c T4QT[z0]T[z1]T[z2]T[z3] --c T5QT[z0]T[z1]T[z2]T[z3]T[z4] --c T6QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5] --c T7QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6] --c T8QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7] --c T9QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8] --c TAQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9] --c TBQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA] --c TCQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB] --c TDQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB]T[zC] +-c ->2 a0 T1QT[z0] +-c ->3 a0 T2QT[z0]T[z1] +-c ->4 a0 T3QT[z0]T[z1]T[z2] +-c ->5 a0 T4QT[z0]T[z1]T[z2]T[z3] +-c ->6 a0 T5QT[z0]T[z1]T[z2]T[z3]T[z4] +-c ->7 a0 T6QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5] +-c ->8 a0 T7QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6] +-c ->9 a0 T8QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7] +-c ->A a0 T9QT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8] +-c ->B a0 TAQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9] +-c ->C a0 TBQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA] +-c ->D a0 TCQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB] +-c ->E a0 TDQT[z0]T[z1]T[z2]T[z3]T[z4]T[z5]T[z6]T[z7]T[z8]T[z9]T[zA]T[zB]T[zC] + +# Shift toggler, up to length 16 +[List.Rules:ShiftToggle] +: +W0Q +->2 a0 W1QW[z0] +->3 a0 W2QW[z0]W[z1] +->4 a0 W3QW[z0]W[z1]W[z2] +->5 a0 W4QW[z0]W[z1]W[z2]W[z3] +->6 a0 W5QW[z0]W[z1]W[z2]W[z3]W[z4] +->7 a0 W6QW[z0]W[z1]W[z2]W[z3]W[z4]W[z5] +->8 a0 W7QW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6] +->9 a0 W8QW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7] +->A a0 W9QW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7]W[z8] +->B a0 WAQW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7]W[z8]W[z9] +->C a0 WBQW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7]W[z8]W[z9]W[zA] +->D a0 WCQW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7]W[z8]W[z9]W[zA]W[zB] +->E a0 WDQW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7]W[z8]W[z9]W[zA]W[zB]W[zC] +->F a0 WEQW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7]W[z8]W[z9]W[zA]W[zB]W[zC]W[zD] +->G a0 WFQW[z0]W[z1]W[z2]W[z3]W[z4]W[z5]W[z6]W[z7]W[z8]W[z9]W[zA]W[zB]W[zC]W[zD]W[zE] + +[List.Rules:Multiword] +-c / Dp l +-c / Dp c Tp +-c / Dp / Dp l +-c / Dp c Tp / Dp Tp +-c %4[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %3[ ] vbpa Tb Q M %2[ ] vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] +-c %3[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %2[ ] vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] +-c %2[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] +-c /[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q @?[Zw] +-c %2[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q @?[Zw] +-c %3[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q @?[Zw] +-c %4[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q @?[Zw] +-c %2[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] +-c %3[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] +-c %4[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] +-c %2[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %3[ ] vbpa Tb Q @?[Zw] +-c %2[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %4[ ] vbpa Tb Q @?[Zw] +-c %3[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %4[ ] vbpa Tb Q @?[Zw] +-c %4[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %3[ ] vbpa Tb Q M %2[ ] vbpa Tb Q @?[Zw] +-c %4[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %2[ ] vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] +-c %4[ ] T[0z] \p0[Q:] \p0[M:] va01 vbpa Tb Q M %3[ ] vbpa Tb Q M /[ ] vbpa Tb Q @?[Zw] # Used for loopback. This rule will produce candidates "PASSWOR" and "D" for # an input of "PASSWORD" (assuming LM, which has halves of length 7). @@ -872,49 +1029,120 @@ l Az"[1-90][0-9][0-9]" <+ # Some Office <=2003 files have passwords truncated at 15 [List.Rules:OldOffice] : -->F>F'F +->F -F 'F # Rules from Hash Runner 2014 [List.Rules:o1] -o[0-9A-Z][ -~] +# o[0-9A-Z][ -~] +->\r[1-9A-ZZ] >\p[0-9A-Z] o\0[ -~] Q [List.Rules:o2] -o[0-9A-E][ -~] Q M o[0-9A-E][ -~] Q +# o[0-9A-E][ -~] Q M o[0-9A-E][ -~] Q +->[1-9A-F] ->[1-9A-F] >\p1[0-9A-E] >\p2[0-9A-E] o\3[ -~] Q M o\4[ -~] Q [List.Rules:o3] -o[0-9][ -~] Q M o[0-9][ -~] Q M o[0-9][ -~] Q +# o[0-9][ -~] Q M o[0-9][ -~] Q M o[0-9][ -~] Q +->[1-9A] ->[1-9A] ->[1-9A] >\p1[0-9] >\p2[0-9] >\p3[0-9] o\4[ -~] Q M o\5[ -~] Q M o\6[ -~] Q [List.Rules:o] -o[0-9A-Z][ -~] -o[0-9A-E][ -~] Q M o[0-9A-E][ -~] Q +.include [List.Rules:o1] +.include [List.Rules:o2] [List.Rules:i1] -i[0-9A-Z][ -~] +# i[0-9A-Z][ -~] +->\r[2-9A-ZZZ] >\p1[0-9A-Z] i\0[ -~] [List.Rules:i2] -i[0-9A-E][ -~] i[0-9A-E][ -~] +# i[0-9A-E][ -~] i[0-9A-E][ -~] +->[2-9A-G] ->[2-9A-G] >\p1[0-9A-E] >\p2[0-9A-E] i\3[ -~] i\4[ -~] [List.Rules:i3] -i[0-9][ -~] i[0-9][ -~] i[0-9][ -~] +# i[0-9][ -~] i[0-9][ -~] i[0-9][ -~] +->[4-9A-D] ->[4-9A-D] ->[4-9A-D] >\p1[0-9] >\p2[0-9] >\p3[0-9] i\4[ -~] i\5[ -~] i\6[ -~] [List.Rules:i] -i[0-9A-Z][ -~] -i[0-9A-E][ -~] i[0-9A-E][ -~] +.include [List.Rules:i1] +.include [List.Rules:i2] [List.Rules:oi] -o[0-9A-Z][ -~] -i[0-9A-Z][ -~] -o[0-9A-E][ -~] Q M o[0-9A-E][ -~] Q -i[0-9A-E][ -~] i[0-9A-E][ -~] +.include [List.Rules:o1] +.include [List.Rules:i1] +.include [List.Rules:o2] +.include [List.Rules:i2] [List.Rules:T9] -/?D l sa2 sb2 sc2 sd3 se3 sf3 sg4 sh4 si4 sj5 sk5 sl5 sm6 sn6 so6 sp7 sq7 sr7 ss7 st8 su8 sv8 sw9 sx9 sy9 sz9 s?D* -/?D l sa2 sb2 sc2 sd3 se3 sf3 sg4 sh4 si4 sj5 sk5 sl5 sm6 sn6 so6 sp7 sq7 sr7 ss7 st8 su8 sv8 sw9 sx9 sy9 sz9 /?D s?D# +a0 /?D l sa2 sb2 sc2 sd3 se3 sf3 sg4 sh4 si4 sj5 sk5 sl5 sm6 sn6 so6 sp7 sq7 sr7 ss7 st8 su8 sv8 sw9 sx9 sy9 sz9 s?D* +a0 /?D l sa2 sb2 sc2 sd3 se3 sf3 sg4 sh4 si4 sj5 sk5 sl5 sm6 sn6 so6 sp7 sq7 sr7 ss7 st8 su8 sv8 sw9 sx9 sy9 sz9 /?D s?D# + +# A few rule sets from hashcat (taken as-is from https://github.com/hashcat/) +# +# Note that these are very poorly optimized with our measure, as they lack +# rule-rejection flags. Also, they don't use the preprocessor so are a lot +# harder to digest (for a human looking at them that is, for JtR there's +# virtually no difference). +# +[List.Rules:best64] +!! hashcat logic ON +.include +!! hashcat logic OFF + +[List.Rules:d3ad0ne] +!! hashcat logic ON +.include +!! hashcat logic OFF + +[List.Rules:dive] +!! hashcat logic ON +.include +!! hashcat logic OFF + +[List.Rules:InsidePro] +!! hashcat logic ON +.include +!! hashcat logic OFF + +[List.Rules:T0XlC] +!! hashcat logic ON +.include +.include +.include +!! hashcat logic OFF + +[List.Rules:rockyou-30000] +!! hashcat logic ON +.include +!! hashcat logic OFF + +[List.Rules:specific] +!! hashcat logic ON +.include +!! hashcat logic OFF + +[List.Rules:hashcat] +.include [List.Rules:best64] +.include [List.Rules:d3ad0ne] +.include [List.Rules:dive] +.include [List.Rules:InsidePro] +.include [List.Rules:T0XlC] +.include [List.Rules:rockyou-30000] +.include [List.Rules:specific] + +# These are for phrase wordlists w/ spaces +[List.Rules:passphrase-rule1] +.include + +[List.Rules:passphrase-rule2] +.include # Default Loopback mode rules. [List.Rules:Loopback] -.include [List.Rules:NT] +.include [List.Rules:ShiftToggle] .include [List.Rules:Split] +!! hashcat logic ON ++m +-m +!! hashcat logic OFF +b1 ] # For Single Mode against fast hashes [List.Rules:Single-Extra] @@ -922,31 +1150,25 @@ i[0-9A-E][ -~] i[0-9A-E][ -~] .include [List.Rules:Extra] .include [List.Rules:OldOffice] -# "Best64" rules -[List.Rules:best64] -!! hashcat logic ON -.include -!! hashcat logic OFF - # For Wordlist mode and very fast hashes [List.Rules:Jumbo] +.include [List.Rules:Single-Extra] .include [List.Rules:Wordlist] -.include [List.Rules:Single] -.include [List.Rules:Extra] -.include [List.Rules:NT] -.include [List.Rules:OldOffice] +.include [List.Rules:ShiftToggle] +.include [List.Rules:Multiword] .include [List.Rules:best64] # KoreLogic rules .include -# Everything, including all KoreLogic rules. Only for very fast hashes -# and/or Single mode. +# Everything, including all KoreLogic and the rest of included hashcat rules. +# Only for very fast hashes and/or Single mode. Some of these rules are of +# ridiculous quality and lack optimizations - you have been warned. [List.Rules:All] .include [List.Rules:Jumbo] -.include [List.Rules:best64] .include [List.Rules:KoreLogic] .include [List.Rules:T9] +.include [List.Rules:hashcat] # Incremental modes @@ -1516,1092 +1738,6 @@ void init() type = ' '; } - -# Strip 0.5 ("Secure Tool for Recalling Important Passwords") cracker, -# based on analysis done by Thomas Roessler and Ian Goldberg. This will -# crack passwords you may have generated with Strip; other uses of Strip -# are unaffected. -[List.External:Strip] -int minlength, maxlength, mintype, maxtype; -int crack_seed, length, type; -int count, charset[128]; - -void init() -{ - int c; - -/* Password lengths to try; Strip can generate passwords of 4 to 16 - * characters, but traditional crypt(3) hashes are limited to 8. */ - minlength = req_minlen; - if (minlength < 4) - minlength = 4; - if (req_maxlen) - maxlength = req_maxlen; - else // the format's limit - maxlength = cipher_limit; - if (maxlength >16) maxlength = 16; - -/* Password types to try (Numeric, Alpha-Num, Alpha-Num w/ Meta). */ - mintype = 0; // 0 - maxtype = 2; // 2 - - crack_seed = 0x10000; - length = minlength - 1; - type = mintype; - - count = 0; - c = '0'; while (c <= '9') charset[count++] = c++; -} - -void generate() -{ - int seed, random; - int i, c; - - if (crack_seed > 0xffff) { - crack_seed = 0; - - if (++length > maxlength) { - length = minlength; - - if (++type > maxtype) { - word[0] = 0; - return; - } - } - - count = 10; - if (type >= 1) { - c = 'a'; while (c <= 'f') charset[count++] = c++; - c = 'h'; while (c <= 'z') charset[count++] = c++; - c = 'A'; while (c <= 'Z') charset[count++] = c++; - } - if (type == 2) { - charset[count++] = '!'; - c = '#'; while (c <= '&') charset[count++] = c++; - c = '('; while (c <= '/') charset[count++] = c++; - c = '<'; while (c <= '>') charset[count++] = c++; - charset[count++] = '?'; charset[count++] = '@'; - charset[count++] = '['; charset[count++] = ']'; - charset[count++] = '^'; charset[count++] = '_'; - c = '{'; while (c <= '~') charset[count++] = c++; - } - } - - seed = (crack_seed++ << 16 >> 16) * 22695477 + 1; - - i = 0; - while (i < length) { - random = ((seed = seed * 22695477 + 1) >> 16) & 0x7fff; - word[i++] = charset[random % count]; - } - - word[i] = 0; -} - -# A variation of KnownForce configured to try all the 385641000 possible -# auto-generated passwords of DokuWiki versions up to at least 2013-05-10. -[List.External:DokuWiki] -int last; // Last character position, zero-based -int lastofs; // Last character position offset into charset[] -int lastid; // Current character index in the last position -int id[0x7f]; // Current character indices for other positions -int charset[0x7f00]; // Character sets, 0x100 elements for each position - -void init() -{ - int A[26], C[26], V[26]; - int length; - int pos, ofs, i, c; - - i = 0; while (i < 26) { A[i] = C[i] = 1; V[i++] = 0; } - i = 'a' - 'a'; C[i] = 0; V[i] = 1; - i = 'e' - 'a'; C[i] = 0; V[i] = 1; - i = 'i' - 'a'; C[i] = 0; V[i] = 1; - i = 'o' - 'a'; C[i] = 0; V[i] = 1; - i = 'u' - 'a'; C[i] = 0; V[i] = 1; - i = 'q' - 'a'; A[i] = C[i] = 0; - i = 'x' - 'a'; A[i] = C[i] = 0; - i = 'y' - 'a'; A[i] = C[i] = 0; - - length = 8; - -/* This defines the character sets for different character positions */ - pos = 0; - while (pos < 6) { - ofs = pos++ << 8; - i = 0; - c = 'a' - 1; - while (++c <= 'z') - if (C[c - 'a']) - charset[ofs + i++] = c; - charset[ofs + i] = 0; - ofs = pos++ << 8; - i = 0; - c = 'a' - 1; - while (++c <= 'z') - if (V[c - 'a']) - charset[ofs + i++] = c; - charset[ofs + i] = 0; - ofs = pos++ << 8; - i = 0; - c = 'a' - 1; - while (++c <= 'z') - if (A[c - 'a']) - charset[ofs + i++] = c; - charset[ofs + i] = 0; - } - c = '1'; - while (pos < length) { - ofs = pos++ << 8; - i = 0; - while (c <= '9') - charset[ofs + i++] = c++; - charset[ofs + i] = 0; - c = '0'; - } - - last = length - 1; - pos = -1; - while (++pos <= last) - word[pos] = charset[id[pos] = pos << 8]; - lastid = (lastofs = last << 8) - 1; - word[pos] = 0; -} - -void generate() -{ - int pos; - -/* Handle the typical case specially */ - if (word[last] = charset[++lastid]) return; - - word[pos = last] = charset[lastid = lastofs]; - while (pos--) { // Have a preceding position? - if (word[pos] = charset[++id[pos]]) return; - word[pos] = charset[id[pos] = pos << 8]; - } - - word = 0; // We're done -} - -void restore() -{ - int i, c; - -/* Calculate the current length and infer the character indices */ - last = 0; - while (c = word[last]) { - i = lastofs = last << 8; - while (charset[i] != c && charset[i]) i++; - if (!charset[i]) i = lastofs; // Not found - id[last++] = i; - } - lastid = id[--last]; -} - -/* - * This takes advantage of CVE-2013-2120 to find seeds that KDE Paste applet - * uses to generate passwords. - * - * This software is Copyright (c) Michael Samuel , - * and it is hereby released to the general public under the following terms: - * Redistribution and use in source and binary forms, with or without - * modification, are permitted. - */ -[List.External:KDEPaste] -int charset[95]; -int charset_length, password_length, endTime, startTime, msec; - -void init() -{ - password_length = 8; /* Change this to match config */ - endTime = session_start_time; - startTime = 1343743200; /* Aug 1 2012 - Change this as necessary */ - - msec = 1; /* msec is never 0 - it would crash the applet */ - - charset_length = 0; - int c; - - /* Comment out classes that you don't need, but keep the order the same */ - /* Lowers */ - c = 'a'; while (c <= 'z') charset[charset_length++] = c++; - - /* Uppers */ - c = 'A'; while (c <= 'Z') charset[charset_length++] = c++; - - /* Numbers */ - c = '0'; while (c <= '9') charset[charset_length++] = c++; - charset[charset_length++] = '0'; /* Yep, it's there twice */ - - /* Symbols */ - c = '!'; while (c <= '/') charset[charset_length++] = c++; - c = ':'; while (c <= '@') charset[charset_length++] = c++; - c = '['; while (c <= '`') charset[charset_length++] = c++; - c = '{'; while (c <= '~') charset[charset_length++] = c++; -} - -void generate() -{ - int i, rand_seed, rand_result; - - /* Terminate once we've generated for all * - * of the time range (Plus a bit more...) */ - if (endTime + 1000 < startTime) { - word = 0; - return; - } - - /* Skip msecs that would generate dupes */ - while (endTime % msec != 0) { - if (++msec > 999) { - endTime--; - msec = 1; - } - } - - rand_seed = endTime / msec; - - i = 0; - while (i < password_length) { - /* this works like rand_r() from eglibc */ - rand_seed = rand_seed * 1103515245 + 12345; - rand_result = (rand_seed >> 16) & 2047; - - rand_seed = rand_seed * 1103515245 + 12345; - rand_result <<= 10; - rand_result ^= (rand_seed >> 16) & 1023; - - rand_seed = rand_seed * 1103515245 + 12345; - rand_result <<= 10; - rand_result ^= (rand_seed >> 16) & 1023; - - word[i++] = charset[rand_result % charset_length]; - } - word[i] = 0; - - if (++msec > 999) { - endTime--; - msec = 1; - } -} - -void restore() -{ - int i, rand_seed, rand_result; - - i = 0; - - /* Very crude restore, just dry-run until we hit last word */ - while (i != password_length) { - - while (endTime % msec != 0) { - if (++msec > 999) { - endTime--; - msec = 1; - } - } - - rand_seed = endTime / msec; - - i = 0; - while (i < password_length) { - /* this works like rand_r() from eglibc */ - rand_seed = rand_seed * 1103515245 + 12345; - rand_result = (rand_seed >> 16) & 2047; - - rand_seed = rand_seed * 1103515245 + 12345; - rand_result <<= 10; - rand_result ^= (rand_seed >> 16) & 1023; - - rand_seed = rand_seed * 1103515245 + 12345; - rand_result <<= 10; - rand_result ^= (rand_seed >> 16) & 1023; - - if (charset[rand_result % charset_length] != word[i++]) - break; - } - - if (++msec > 999) { - endTime--; - msec = 1; - } - } -} - -/* Awesome Password Generator RNG replay - * Written by Michael Samuel - * Public Domain. - * - * This takes advantage of a subtle bug, where a crypto RNG is used to - * seed the C# System.Random() class, which takes a 32-bit input, but - * converts negative numbers into non-negative numbers, resulting in - * only 31 bits of security. - * - * This only implements "easy to type" being *unticked*, and numbers, - * lowers, uppers and symbols being ticked, in random password mode. - * Changing the password length is easy, anything else is left as an - * exercise to the reader. - * - * Running Awesome Password Generator (1.3.2 or lower) in Mono is still - * vulnerable, but uses a different RNG, so this mode isn't compatible. - */ - -/* Awesome Password Generator 1.3.2 does a two-pass run, selecting which - * charset each position will have, then picking the character. This - * leads to heavy bias, and is fixed in 1.4.0 (along with many other - * fixes). If you have been using Awesome Password Generator, you should - * upgrade immediately and change your passwords. - */ -[List.External:AwesomePasswordGenerator] -int numbers[10]; -int lowers[26]; -int uppers[26]; -int symbols[32]; - -/* Since we don't have a double datatype, I simply pre-calculated the - * transition numbers calculating the scale formula: - * (double)randNum * 4.656612873077393e-10 * {4/10/26/32} - */ -int boundaries_charclass[4]; -int boundaries_numbers[10]; -int boundaries_letters[26]; -int boundaries_symbols[32]; - -/* This is the bug we're exploiting - the seed for the RNG is 32 bits - * from the crypto rng. The non-crypto RNG converts negative numbers - * into non-negative numbers, so there's only 2^31 possible seeds. - */ -int seed; - -int password_length; - -void init() -{ - password_length = 16; /* Change this to match config */ - - int c, i; - - c = '0'; i = 0; while (c <= '9') numbers[i++] = c++; - c = 'a'; i = 0; while (c <= 'z') lowers[i++] = c++; - c = 'A'; i = 0; while (c <= 'Z') uppers[i++] = c++; - - /* Symbols */ - i = 0; - symbols[i++] = '!'; symbols[i++] = '@'; symbols[i++] = '#'; symbols[i++] = '$'; - symbols[i++] = '%'; symbols[i++] = '^'; symbols[i++] = '&'; symbols[i++] = '*'; - symbols[i++] = '('; symbols[i++] = ')'; symbols[i++] = '~'; symbols[i++] = '-'; - symbols[i++] = '_'; symbols[i++] = '='; symbols[i++] = '+'; symbols[i++] = '\\'; - symbols[i++] = '|'; symbols[i++] = '/'; symbols[i++] = '['; symbols[i++] = ']'; - symbols[i++] = '{'; symbols[i++] = '}'; symbols[i++] = ';'; symbols[i++] = ':'; - symbols[i++] = '`'; symbols[i++] = '\''; symbols[i++] = '"'; symbols[i++] = ','; - symbols[i++] = '.'; symbols[i++] = '<'; symbols[i++] = '>'; symbols[i++] = '?'; - - i = 0; - boundaries_charclass[i++] = 536870912; boundaries_charclass[i++] = 1073741824; - boundaries_charclass[i++] = 1610612736; boundaries_charclass[i++] = 2147483647; - - i = 0; - boundaries_numbers[i++] = 214748365; boundaries_numbers[i++] = 429496730; - boundaries_numbers[i++] = 644245095; boundaries_numbers[i++] = 858993460; - boundaries_numbers[i++] = 1073741824; boundaries_numbers[i++] = 1288490189; - boundaries_numbers[i++] = 1503238554; boundaries_numbers[i++] = 1717986919; - boundaries_numbers[i++] = 1932735284; boundaries_numbers[i++] = 2147483647; - - i = 0; - boundaries_letters[i++] = 82595525; boundaries_letters[i++] = 165191050; - boundaries_letters[i++] = 247786575; boundaries_letters[i++] = 330382100; - boundaries_letters[i++] = 412977625; boundaries_letters[i++] = 495573150; - boundaries_letters[i++] = 578168675; boundaries_letters[i++] = 660764200; - boundaries_letters[i++] = 743359725; boundaries_letters[i++] = 825955250; - boundaries_letters[i++] = 908550775; boundaries_letters[i++] = 991146300; - boundaries_letters[i++] = 1073741824; boundaries_letters[i++] = 1156337349; - boundaries_letters[i++] = 1238932874; boundaries_letters[i++] = 1321528399; - boundaries_letters[i++] = 1404123924; boundaries_letters[i++] = 1486719449; - boundaries_letters[i++] = 1569314974; boundaries_letters[i++] = 1651910499; - boundaries_letters[i++] = 1734506024; boundaries_letters[i++] = 1817101549; - boundaries_letters[i++] = 1899697074; boundaries_letters[i++] = 1982292599; - boundaries_letters[i++] = 2064888124; boundaries_letters[i++] = 2147483647; - - i = 0; - boundaries_symbols[i++] = 67108864; boundaries_symbols[i++] = 134217728; - boundaries_symbols[i++] = 201326592; boundaries_symbols[i++] = 268435456; - boundaries_symbols[i++] = 335544320; boundaries_symbols[i++] = 402653184; - boundaries_symbols[i++] = 469762048; boundaries_symbols[i++] = 536870912; - boundaries_symbols[i++] = 603979776; boundaries_symbols[i++] = 671088640; - boundaries_symbols[i++] = 738197504; boundaries_symbols[i++] = 805306368; - boundaries_symbols[i++] = 872415232; boundaries_symbols[i++] = 939524096; - boundaries_symbols[i++] = 1006632960; boundaries_symbols[i++] = 1073741824; - boundaries_symbols[i++] = 1140850688; boundaries_symbols[i++] = 1207959552; - boundaries_symbols[i++] = 1275068416; boundaries_symbols[i++] = 1342177280; - boundaries_symbols[i++] = 1409286144; boundaries_symbols[i++] = 1476395008; - boundaries_symbols[i++] = 1543503872; boundaries_symbols[i++] = 1610612736; - boundaries_symbols[i++] = 1677721600; boundaries_symbols[i++] = 1744830464; - boundaries_symbols[i++] = 1811939328; boundaries_symbols[i++] = 1879048192; - boundaries_symbols[i++] = 1946157056; boundaries_symbols[i++] = 2013265920; - boundaries_symbols[i++] = 2080374784; boundaries_symbols[i++] = 2147483647; - - seed = 0; -} - -void generate() -{ - int i, j, s, next, nextp, val, bucket, randnum, used_charsets; - int seedarray[56]; - - /* BEGIN System.Random(seed) */ - if(seed < 0) { - /* Only bother with non-negative integers */ - word = 0; - return; - } - - s = 161803398 - seed++; - seedarray[55] = s; - i = val = 1; - - while(i < 55) { - bucket = 21 * i % 55; - seedarray[bucket] = val; - val = s - val; - if(val < 0) val += 2147483647; - s = seedarray[bucket]; - i++; - } - - i = 1; - while(i < 5) { - j = 1; - while(j < 56) { - seedarray[j] -= seedarray[1 + (j + 30) % 55]; - if(seedarray[j] < 0) seedarray[j] += 2147483647; - j++; - } - i++; - } - next = 0; - nextp = 21; - /* END System.Random(seed) */ - - used_charsets = 0; - while(used_charsets != 15) { - i = 0; - while(i < password_length) { - /* BEGIN Random.Sample() */ - if (++next >= 56) next = 1; - if (++nextp >= 56) nextp = 1; - randnum = seedarray[next] - seedarray[nextp]; - if (randnum == 2147483647) randnum--; - if (randnum < 0) randnum += 2147483647; - seedarray[next] = randnum; - /* END Random.Sample() */ - - j = 0; - while(boundaries_charclass[j] < randnum) j++; - - word[i] = j; /* Temporarily store in word[] */ - used_charsets |= (1 << j); - i++; - } - } - - i = 0; - while(i < password_length) { - /* BEGIN Random.Sample() */ - if (++next >= 56) next = 1; - if (++nextp >= 56) nextp = 1; - randnum = seedarray[next] - seedarray[nextp]; - if (randnum == 2147483647) randnum--; - if (randnum < 0) randnum += 2147483647; - seedarray[next] = randnum; - /* END Random.Sample() */ - j = 0; - - if(word[i] == 0) { - while(boundaries_letters[j] < randnum) j++; - word[i++] = lowers[j]; - } else if (word[i] == 1) { - while(boundaries_letters[j] < randnum) j++; - word[i++] = uppers[j]; - } else if (word[i] == 2) { - while(boundaries_numbers[j] < randnum) j++; - word[i++] = numbers[j]; - } else { /* if (word[i] == 3) */ - while(boundaries_symbols[j] < randnum) j++; - word[i++] = symbols[j]; - } - } - word[i] = 0; -} - - -void restore() -{ - int i, j, s, next, nextp, val, bucket, randnum, used_charsets; - int seedarray[56]; - int candidate[32]; /* This needs to be at-least as big as password-length */ - - seed = 0; - - while(seed > 0) { - /* BEGIN System.Random(seed) */ - s = 161803398 - seed++; - seedarray[55] = s; - i = val = 1; - - while(i < 55) { - bucket = 21 * i % 55; - seedarray[bucket] = val; - val = s - val; - if(val < 0) val += 2147483647; - s = seedarray[bucket]; - i++; - } - - i = 1; - while(i < 5) { - j = 1; - while(j < 56) { - seedarray[j] -= seedarray[1 + (j + 30) % 55]; - if(seedarray[j] < 0) seedarray[j] += 2147483647; - j++; - } - i++; - } - next = 0; - nextp = 21; - /* END System.Random(seed) */ - - used_charsets = 0; - while(used_charsets != 15) { - i = 0; - while(i < password_length) { - /* BEGIN Random.Sample() */ - if (++next >= 56) next = 1; - if (++nextp >= 56) nextp = 1; - randnum = seedarray[next] - seedarray[nextp]; - if (randnum == 2147483647) randnum--; - if (randnum < 0) randnum += 2147483647; - seedarray[next] = randnum; - /* END Random.Sample() */ - - j = 0; - while(boundaries_charclass[j] < randnum) j++; - - candidate[i] = j; - used_charsets |= (1 << j); - i++; - } - } - - i = 0; - while(i < password_length) { - /* BEGIN Random.Sample() */ - if (++next >= 56) next = 1; - if (++nextp >= 56) nextp = 1; - randnum = seedarray[next] - seedarray[nextp]; - if (randnum == 2147483647) randnum--; - if (randnum < 0) randnum += 2147483647; - seedarray[next] = randnum; - /* END Random.Sample() */ - j = 0; - - if(candidate[i] == 0) { - while(boundaries_letters[j] < randnum) j++; - if(lowers[j] != word[i++]) break; - } else if (candidate[i] == 1) { - while(boundaries_letters[j] < randnum) j++; - if(uppers[j] != word[i++]) break; - } else if (candidate[i] == 2) { - while(boundaries_numbers[j] < randnum) j++; - if(numbers[j] != word[i++]) break; - } else { /* if (word[i] == 3) */ - while(boundaries_symbols[j] < randnum) j++; - if(symbols[j] != word[i++]) break; - } - } - if(i == password_length) return; - } -} - -# Try sequences of adjacent keys on a keyboard as candidate passwords -[List.External:Keyboard] -int maxlength, length; // Maximum password length to try, current length -int fuzz; // The desired "fuzz factor", either 0 or 1 -int id[15]; // Current character indices for each position -int m[0x800]; // The keys matrix -int mc[0x100]; // Counts of adjacent keys -int f[0x40], fc; // Characters for the first position, their count - -void init() -{ - int minlength; - int i, j, c, p; - int k[0x40]; - - // Initial password length to try - if (req_minlen) - minlength = req_minlen; - else - minlength = 1; - if (req_maxlen) - maxlength = req_maxlen; - else - maxlength = cipher_limit; // the format's limit - fuzz = 1; // "Fuzz factor", set to 0 for much quicker runs - -/* - * This defines the keyboard layout, by default for a QWERTY keyboard. - */ - i = 0; while (i < 0x40) k[i++] = 0; - k[0] = '`'; - i = 0; while (++i <= 9) k[i] = '0' + i; - k[10] = '0'; k[11] = '-'; k[12] = '='; - k[0x11] = 'q'; k[0x12] = 'w'; k[0x13] = 'e'; k[0x14] = 'r'; - k[0x15] = 't'; k[0x16] = 'y'; k[0x17] = 'u'; k[0x18] = 'i'; - k[0x19] = 'o'; k[0x1a] = 'p'; k[0x1b] = '['; k[0x1c] = ']'; - k[0x1d] = '\\'; - k[0x21] = 'a'; k[0x22] = 's'; k[0x23] = 'd'; k[0x24] = 'f'; - k[0x25] = 'g'; k[0x26] = 'h'; k[0x27] = 'j'; k[0x28] = 'k'; - k[0x29] = 'l'; k[0x2a] = ';'; k[0x2b] = '\''; - k[0x31] = 'z'; k[0x32] = 'x'; k[0x33] = 'c'; k[0x34] = 'v'; - k[0x35] = 'b'; k[0x36] = 'n'; k[0x37] = 'm'; k[0x38] = ','; - k[0x39] = '.'; k[0x3a] = '/'; - - i = 0; while (i < 0x100) mc[i++] = 0; - fc = 0; - - /* rows */ - c = 0; - i = 0; - while (i < 0x40) { - p = c; - c = k[i++] & 0xff; - if (!c) continue; - f[fc++] = c; - if (!p) continue; - m[(c << 3) + mc[c]++] = p; - m[(p << 3) + mc[p]++] = c; - } - f[fc] = 0; - - /* columns */ - i = 0; - while (i < 0x30) { - p = k[i++] & 0xff; - if (!p) continue; - j = 1 - fuzz; - while (j <= 1 + fuzz) { - c = k[i + 0x10 - j++] & 0xff; - if (!c) continue; - m[(c << 3) + mc[c]++] = p; - m[(p << 3) + mc[p]++] = c; - } - } - - length = 0; - while (length < minlength) - id[length++] = 0; -} - -void generate() -{ - int i, p, maxcount; - - word[i = 0] = p = f[id[0]]; - while (++i < length) - word[i] = p = m[(p << 3) + id[i]]; - word[i--] = 0; - - if (i) maxcount = mc[word[i - 1]]; else maxcount = fc; - while (++id[i] >= maxcount) { - if (!i) { - if (length < maxlength) { - id[0] = 0; - id[length++] = 0; - } - return; - } - id[i--] = 0; - if (i) maxcount = mc[word[i - 1]]; else maxcount = fc; - } -} - -void restore() -{ - int i; - - /* Calculate the length */ - length = 0; - while (word[length]) - id[length++] = 0; - - /* Infer the first character index */ - i = -1; - while (++i < fc) { - if (f[i] == word[0]) { - id[0] = i; - break; - } - } - - /* This sample can be enhanced to infer the rest of the indices here */ -} - -# Simplest (fastest?) possible dumb exhaustive search, demonstrating a -# mode that does not need any special restore() handling. -# Defaults to printable ASCII. -[List.External:DumbDumb] -int maxlength; // Maximum password length to try -int startchar, endchar; // Range of characters (inclusive) - -void init() -{ - int i; - - startchar = ' '; // Start with space - endchar = '~'; // End with tilde - - // Create first word, honoring --min-len - if (!(i = req_minlen)) - i++; - word[i] = 0; - while (i--) - word[i] = startchar; - word[0] = startchar - 1; - - if (req_maxlen) - maxlength = req_maxlen; // --max-len - else - maxlength = cipher_limit; // format's limit -} - -void generate() -{ - int i; - - if (++word <= endchar) - return; - - i = 0; - - while (word[i] > endchar) { - word[i++] = startchar; - if (!word[i]) { - word[i] = startchar; - word[i + 1] = 0; - } else - word[i]++; - } - - if (i >= maxlength) - word = 0; -} - -/* - * This mode will resume correctly without any restore handing. - * The empty function just confirms to John that everything is in order. - */ -void restore() -{ -} - -# Generic implementation of "dumb" exhaustive search, given a range of lengths -# and an arbitrary charset. This is pre-configured to try 8-bit characters -# against LM hashes, which is only reasonable to do for very short password -# half lengths. -[List.External:DumbForce] -int maxlength; // Maximum password length to try -int last; // Last character position, zero-based -int lastid; // Character index in the last position -int id[0x7f]; // Current character indices for other positions -int charset[0x100], c0; // Character set - -void init() -{ - int minlength; - int i, c; - - // Initial password length to try, must be at least 1 - if (req_minlen) - minlength = req_minlen; - else - minlength = 1; - if (req_maxlen) - maxlength = req_maxlen; - else - maxlength = cipher_limit; // the format's limit - -/* - * This defines the character set. - * - * Let's say, we want to try TAB, all non-control ASCII characters, and all - * 8-bit characters, including the 8-bit terminal controls range (as these are - * used as regular national characters with some 8-bit encodings), but except - * for known terminal controls (risky for the terminal we may be running on). - * - * Also, let's say our hashes are case-insensitive, so skip lowercase letters - * (this is right for LM hashes). - */ - i = 0; - charset[i++] = 9; // Add horizontal TAB (ASCII 9), then - c = ' '; // start with space (ASCII 32) and - while (c < 'a') // proceed till lowercase 'a' - charset[i++] = c++; - c = 'z' + 1; // Skip lowercase letters and - while (c <= 0x7e) // proceed for all printable ASCII - charset[i++] = c++; - c++; // Skip DEL (ASCII 127) and - while (c < 0x84) // proceed over 8-bit codes till IND - charset[i++] = c++; - charset[i++] = 0x86; // Skip IND (84 hex) and NEL (85 hex) - charset[i++] = 0x87; - c = 0x89; // Skip HTS (88 hex) - while (c < 0x8d) // Proceed till RI (8D hex) - charset[i++] = c++; - c = 0x91; // Skip RI, SS2, SS3, DCS - while (c < 0x96) // Proceed till SPA (96 hex) - charset[i++] = c++; - charset[i++] = 0x99; // Skip SPA, EPA, SOS - c = 0xa0; // Skip DECID, CSI, ST, OSC, PM, APC - while (c <= 0xff) // Proceed with the rest of 8-bit codes - charset[i++] = c++; - -/* Zero-terminate it, and cache the first character */ - charset[i] = 0; - c0 = charset[0]; - - last = minlength - 1; - i = 0; - while (i <= last) { - id[i] = 0; - word[i++] = c0; - } - lastid = -1; - word[i] = 0; -} - -void generate() -{ - int i; - -/* Handle the typical case specially */ - if (word[last] = charset[++lastid]) return; - - lastid = 0; - word[i = last] = c0; - while (i--) { // Have a preceding position? - if (word[i] = charset[++id[i]]) return; - id[i] = 0; - word[i] = c0; - } - - if (++last < maxlength) { // Next length? - id[last] = lastid = 0; - word[last] = c0; - word[last + 1] = 0; - } else // We're done - word = 0; -} - -void restore() -{ - int i, c; - -/* Calculate the current length and infer the character indices */ - last = 0; - while (c = word[last]) { - i = 0; while (charset[i] != c && charset[i]) i++; - if (!charset[i]) i = 0; // Not found - id[last++] = i; - } - lastid = id[--last]; -} - -# Generic implementation of exhaustive search for a partially-known password. -# This is pre-configured for length 8, lowercase and uppercase letters in the -# first 4 positions (52 different characters), and digits in the remaining 4 -# positions - however, the corresponding part of init() may be modified to use -# arbitrary character sets or even fixed characters for each position. -[List.External:KnownForce] -int last; // Last character position, zero-based -int lastofs; // Last character position offset into charset[] -int lastid; // Current character index in the last position -int id[0x7f]; // Current character indices for other positions -int charset[0x7f00]; // Character sets, 0x100 elements for each position - -void init() -{ - int length, maxlength; - int pos, ofs, i, c; - - if (req_minlen) - length = req_minlen; - else - length = 8; // Password length to try (NOTE: other [eg. shorter] - // lengths will not be tried!) - if (req_maxlen) - maxlength = req_maxlen; - else - maxlength = cipher_limit; // the format's limit - -/* This defines the character sets for different character positions */ - if (length > maxlength) - length = maxlength; - pos = 0; - while (pos < 4) { - ofs = pos++ << 8; - i = 0; - c = 'a'; - while (c <= 'z') - charset[ofs + i++] = c++; - c = 'A'; - while (c <= 'Z') - charset[ofs + i++] = c++; - charset[ofs + i] = 0; - } - while (pos < length) { - ofs = pos++ << 8; - i = 0; - c = '0'; - while (c <= '9') - charset[ofs + i++] = c++; - charset[ofs + i] = 0; - } - - last = length - 1; - pos = -1; - while (++pos <= last) - word[pos] = charset[id[pos] = pos << 8]; - lastid = (lastofs = last << 8) - 1; - word[pos] = 0; -} - -void generate() -{ - int pos; - -/* Handle the typical case specially */ - if (word[last] = charset[++lastid]) return; - - word[pos = last] = charset[lastid = lastofs]; - while (pos--) { // Have a preceding position? - if (word[pos] = charset[++id[pos]]) return; - word[pos] = charset[id[pos] = pos << 8]; - } - - word = 0; // We're done -} - -void restore() -{ - int i, c; - -/* Calculate the current length and infer the character indices */ - last = 0; - while (c = word[last]) { - i = lastofs = last << 8; - while (charset[i] != c && charset[i]) i++; - if (!charset[i]) i = lastofs; // Not found - id[last++] = i; - } - lastid = id[--last]; -} - -# A variation of KnownForce configured to try likely date and time strings. -[List.External:DateTime] -int last; // Last character position, zero-based -int lastofs; // Last character position offset into charset[] -int lastid; // Current character index in the last position -int id[0x7f]; // Current character indices for other positions -int charset[0x7f00]; // Character sets, 0x100 elements for each position - -void init() -{ - int length; - int pos, ofs, i, c; - - length = 8; // Must be one of: 4, 5, 7, 8 - -/* This defines the character sets for different character positions */ - pos = 0; - while (pos < length - 6) { - ofs = pos++ << 8; - i = 0; - c = '0'; - while (c <= '9') - charset[ofs + i++] = c++; - charset[ofs + i] = 0; - } - if (pos) { - ofs = pos++ << 8; - charset[ofs] = '/'; - charset[ofs + 1] = '.'; - charset[ofs + 2] = ':'; - charset[ofs + 3] = 0; - } - while (pos < length - 3) { - ofs = pos++ << 8; - i = 0; - c = '0'; - while (c <= '9') - charset[ofs + i++] = c++; - charset[ofs + i] = 0; - } - ofs = pos++ << 8; - charset[ofs] = '/'; - charset[ofs + 1] = '.'; - charset[ofs + 2] = ':'; - charset[ofs + 3] = 0; - while (pos < length) { - ofs = pos++ << 8; - i = 0; - c = '0'; - while (c <= '9') - charset[ofs + i++] = c++; - charset[ofs + i] = 0; - } - - last = length - 1; - pos = -1; - while (++pos <= last) - word[pos] = charset[id[pos] = pos << 8]; - lastid = (lastofs = last << 8) - 1; - word[pos] = 0; -} - -void generate() -{ - int pos; - -/* Handle the typical case specially */ - if (word[last] = charset[++lastid]) return; - - word[pos = last] = charset[lastid = lastofs]; - while (pos--) { // Have a preceding position? - if (word[pos] = charset[++id[pos]]) return; - word[pos] = charset[id[pos] = pos << 8]; - } - - word = 0; // We're done -} - -void restore() -{ - int i, c; - -/* Calculate the current length and infer the character indices */ - last = 0; - while (c = word[last]) { - i = lastofs = last << 8; - while (charset[i] != c && charset[i]) i++; - if (!charset[i]) i = lastofs; // Not found - id[last++] = i; - } - lastid = id[--last]; -} - # Try strings of repeated characters. # # This is the code which is common for all [List.External:Repeats*] @@ -3145,6 +2281,1140 @@ void generate() word[i] = 0; } +# Try sequences of adjacent keys on a keyboard as candidate passwords +[List.External:Keyboard] +int maxlength, length; // Maximum password length to try, current length +int fuzz; // The desired "fuzz factor", either 0 or 1 +int id[15]; // Current character indices for each position +int m[0x800]; // The keys matrix +int mc[0x100]; // Counts of adjacent keys +int f[0x40], fc; // Characters for the first position, their count + +void init() +{ + int minlength; + int i, j, c, p; + int k[0x40]; + + // Initial password length to try + if (req_minlen) + minlength = req_minlen; + else + minlength = 1; + if (req_maxlen) + maxlength = req_maxlen; + else + maxlength = cipher_limit; // the format's limit + fuzz = 1; // "Fuzz factor", set to 0 for much quicker runs + +/* + * This defines the keyboard layout, by default for a QWERTY keyboard. + */ + i = 0; while (i < 0x40) k[i++] = 0; + k[0] = '`'; + i = 0; while (++i <= 9) k[i] = '0' + i; + k[10] = '0'; k[11] = '-'; k[12] = '='; + k[0x11] = 'q'; k[0x12] = 'w'; k[0x13] = 'e'; k[0x14] = 'r'; + k[0x15] = 't'; k[0x16] = 'y'; k[0x17] = 'u'; k[0x18] = 'i'; + k[0x19] = 'o'; k[0x1a] = 'p'; k[0x1b] = '['; k[0x1c] = ']'; + k[0x1d] = '\\'; + k[0x21] = 'a'; k[0x22] = 's'; k[0x23] = 'd'; k[0x24] = 'f'; + k[0x25] = 'g'; k[0x26] = 'h'; k[0x27] = 'j'; k[0x28] = 'k'; + k[0x29] = 'l'; k[0x2a] = ';'; k[0x2b] = '\''; + k[0x31] = 'z'; k[0x32] = 'x'; k[0x33] = 'c'; k[0x34] = 'v'; + k[0x35] = 'b'; k[0x36] = 'n'; k[0x37] = 'm'; k[0x38] = ','; + k[0x39] = '.'; k[0x3a] = '/'; + + i = 0; while (i < 0x100) mc[i++] = 0; + fc = 0; + + /* rows */ + c = 0; + i = 0; + while (i < 0x40) { + p = c; + c = k[i++] & 0xff; + if (!c) continue; + f[fc++] = c; + if (!p) continue; + m[(c << 3) + mc[c]++] = p; + m[(p << 3) + mc[p]++] = c; + } + f[fc] = 0; + + /* columns */ + i = 0; + while (i < 0x30) { + p = k[i++] & 0xff; + if (!p) continue; + j = 1 - fuzz; + while (j <= 1 + fuzz) { + c = k[i + 0x10 - j++] & 0xff; + if (!c) continue; + m[(c << 3) + mc[c]++] = p; + m[(p << 3) + mc[p]++] = c; + } + } + + length = 0; + while (length < minlength) + id[length++] = 0; +} + +void generate() +{ + int i, p, maxcount; + + word[i = 0] = p = f[id[0]]; + while (++i < length) + word[i] = p = m[(p << 3) + id[i]]; + word[i--] = 0; + + if (i) maxcount = mc[word[i - 1]]; else maxcount = fc; + while (++id[i] >= maxcount) { + if (!i) { + if (length < maxlength) { + id[0] = 0; + id[length++] = 0; + } + return; + } + id[i--] = 0; + if (i) maxcount = mc[word[i - 1]]; else maxcount = fc; + } +} + +void restore() +{ + int i; + + /* Calculate the length */ + length = 0; + while (word[length]) + id[length++] = 0; + + /* Infer the first character index */ + i = -1; + while (++i < fc) { + if (f[i] == word[0]) { + id[0] = i; + break; + } + } + + /* This sample can be enhanced to infer the rest of the indices here */ +} + +# Simplest (fastest?) possible dumb exhaustive search, demonstrating a +# mode that does not need any special restore() handling. +# Defaults to printable ASCII. +[List.External:DumbDumb] +int maxlength; // Maximum password length to try +int startchar, endchar; // Range of characters (inclusive) + +void init() +{ + int i; + + startchar = ' '; // Start with space + endchar = '~'; // End with tilde + + // Create first word, honoring --min-len + if (!(i = req_minlen)) + i++; + word[i] = 0; + while (i--) + word[i] = startchar; + word[0] = startchar - 1; + + if (req_maxlen) + maxlength = req_maxlen; // --max-len + else + maxlength = cipher_limit; // format's limit +} + +void generate() +{ + int i; + + if (++word <= endchar) + return; + + i = 0; + + while (word[i] > endchar) { + word[i++] = startchar; + if (!word[i]) { + word[i] = startchar; + word[i + 1] = 0; + } else + word[i]++; + } + + if (i >= maxlength) + word = 0; +} + +/* + * This mode will resume correctly without any restore handing. + * The empty function just confirms to John that everything is in order. + */ +void restore() +{ +} + +# Generic implementation of "dumb" exhaustive search, given a range of lengths +# and an arbitrary charset. This is pre-configured to try 8-bit characters +# against LM hashes, which is only reasonable to do for very short password +# half lengths. +[List.External:DumbForce] +int maxlength; // Maximum password length to try +int last; // Last character position, zero-based +int lastid; // Character index in the last position +int id[0x7f]; // Current character indices for other positions +int charset[0x100], c0; // Character set + +void init() +{ + int minlength; + int i, c; + + // Initial password length to try, must be at least 1 + if (req_minlen) + minlength = req_minlen; + else + minlength = 1; + if (req_maxlen) + maxlength = req_maxlen; + else + maxlength = cipher_limit; // the format's limit + +/* + * This defines the character set. + * + * Let's say, we want to try TAB, all non-control ASCII characters, and all + * 8-bit characters, including the 8-bit terminal controls range (as these are + * used as regular national characters with some 8-bit encodings), but except + * for known terminal controls (risky for the terminal we may be running on). + * + * Also, let's say our hashes are case-insensitive, so skip lowercase letters + * (this is right for LM hashes). + */ + i = 0; + charset[i++] = 9; // Add horizontal TAB (ASCII 9), then + c = ' '; // start with space (ASCII 32) and + while (c < 'a') // proceed till lowercase 'a' + charset[i++] = c++; + c = 'z' + 1; // Skip lowercase letters and + while (c <= 0x7e) // proceed for all printable ASCII + charset[i++] = c++; + c++; // Skip DEL (ASCII 127) and + while (c < 0x84) // proceed over 8-bit codes till IND + charset[i++] = c++; + charset[i++] = 0x86; // Skip IND (84 hex) and NEL (85 hex) + charset[i++] = 0x87; + c = 0x89; // Skip HTS (88 hex) + while (c < 0x8d) // Proceed till RI (8D hex) + charset[i++] = c++; + c = 0x91; // Skip RI, SS2, SS3, DCS + while (c < 0x96) // Proceed till SPA (96 hex) + charset[i++] = c++; + charset[i++] = 0x99; // Skip SPA, EPA, SOS + c = 0xa0; // Skip DECID, CSI, ST, OSC, PM, APC + while (c <= 0xff) // Proceed with the rest of 8-bit codes + charset[i++] = c++; + +/* Zero-terminate it, and cache the first character */ + charset[i] = 0; + c0 = charset[0]; + + last = minlength - 1; + i = 0; + while (i <= last) { + id[i] = 0; + word[i++] = c0; + } + lastid = -1; + word[i] = 0; +} + +void generate() +{ + int i; + +/* Handle the typical case specially */ + if (word[last] = charset[++lastid]) return; + + lastid = 0; + word[i = last] = c0; + while (i--) { // Have a preceding position? + if (word[i] = charset[++id[i]]) return; + id[i] = 0; + word[i] = c0; + } + + if (++last < maxlength) { // Next length? + id[last] = lastid = 0; + word[last] = c0; + word[last + 1] = 0; + } else // We're done + word = 0; +} + +void restore() +{ + int i, c; + +/* Calculate the current length and infer the character indices */ + last = 0; + while (c = word[last]) { + i = 0; while (charset[i] != c && charset[i]) i++; + if (!charset[i]) i = 0; // Not found + id[last++] = i; + } + lastid = id[--last]; +} + +# Generic implementation of exhaustive search for a partially-known password. +# This is pre-configured for length 8, lowercase and uppercase letters in the +# first 4 positions (52 different characters), and digits in the remaining 4 +# positions - however, the corresponding part of init() may be modified to use +# arbitrary character sets or even fixed characters for each position. +[List.External:KnownForce] +int last; // Last character position, zero-based +int lastofs; // Last character position offset into charset[] +int lastid; // Current character index in the last position +int id[0x7f]; // Current character indices for other positions +int charset[0x7f00]; // Character sets, 0x100 elements for each position + +void init() +{ + int length, maxlength; + int pos, ofs, i, c; + + if (req_minlen) + length = req_minlen; + else + length = 8; // Password length to try (NOTE: other [eg. shorter] + // lengths will not be tried!) + if (req_maxlen) + maxlength = req_maxlen; + else + maxlength = cipher_limit; // the format's limit + +/* This defines the character sets for different character positions */ + if (length > maxlength) + length = maxlength; + pos = 0; + while (pos < 4) { + ofs = pos++ << 8; + i = 0; + c = 'a'; + while (c <= 'z') + charset[ofs + i++] = c++; + c = 'A'; + while (c <= 'Z') + charset[ofs + i++] = c++; + charset[ofs + i] = 0; + } + while (pos < length) { + ofs = pos++ << 8; + i = 0; + c = '0'; + while (c <= '9') + charset[ofs + i++] = c++; + charset[ofs + i] = 0; + } + + last = length - 1; + pos = -1; + while (++pos <= last) + word[pos] = charset[id[pos] = pos << 8]; + lastid = (lastofs = last << 8) - 1; + word[pos] = 0; +} + +void generate() +{ + int pos; + +/* Handle the typical case specially */ + if (word[last] = charset[++lastid]) return; + + word[pos = last] = charset[lastid = lastofs]; + while (pos--) { // Have a preceding position? + if (word[pos] = charset[++id[pos]]) return; + word[pos] = charset[id[pos] = pos << 8]; + } + + word = 0; // We're done +} + +void restore() +{ + int i, c; + +/* Calculate the current length and infer the character indices */ + last = 0; + while (c = word[last]) { + i = lastofs = last << 8; + while (charset[i] != c && charset[i]) i++; + if (!charset[i]) i = lastofs; // Not found + id[last++] = i; + } + lastid = id[--last]; +} + +# A variation of KnownForce configured to try likely date and time strings. +[List.External:DateTime] +int last; // Last character position, zero-based +int lastofs; // Last character position offset into charset[] +int lastid; // Current character index in the last position +int id[0x7f]; // Current character indices for other positions +int charset[0x7f00]; // Character sets, 0x100 elements for each position + +void init() +{ + int length; + int pos, ofs, i, c; + + length = 8; // Must be one of: 4, 5, 7, 8 + +/* This defines the character sets for different character positions */ + pos = 0; + while (pos < length - 6) { + ofs = pos++ << 8; + i = 0; + c = '0'; + while (c <= '9') + charset[ofs + i++] = c++; + charset[ofs + i] = 0; + } + if (pos) { + ofs = pos++ << 8; + charset[ofs] = '/'; + charset[ofs + 1] = '.'; + charset[ofs + 2] = ':'; + charset[ofs + 3] = 0; + } + while (pos < length - 3) { + ofs = pos++ << 8; + i = 0; + c = '0'; + while (c <= '9') + charset[ofs + i++] = c++; + charset[ofs + i] = 0; + } + ofs = pos++ << 8; + charset[ofs] = '/'; + charset[ofs + 1] = '.'; + charset[ofs + 2] = ':'; + charset[ofs + 3] = 0; + while (pos < length) { + ofs = pos++ << 8; + i = 0; + c = '0'; + while (c <= '9') + charset[ofs + i++] = c++; + charset[ofs + i] = 0; + } + + last = length - 1; + pos = -1; + while (++pos <= last) + word[pos] = charset[id[pos] = pos << 8]; + lastid = (lastofs = last << 8) - 1; + word[pos] = 0; +} + +void generate() +{ + int pos; + +/* Handle the typical case specially */ + if (word[last] = charset[++lastid]) return; + + word[pos = last] = charset[lastid = lastofs]; + while (pos--) { // Have a preceding position? + if (word[pos] = charset[++id[pos]]) return; + word[pos] = charset[id[pos] = pos << 8]; + } + + word = 0; // We're done +} + +void restore() +{ + int i, c; + +/* Calculate the current length and infer the character indices */ + last = 0; + while (c = word[last]) { + i = lastofs = last << 8; + while (charset[i] != c && charset[i]) i++; + if (!charset[i]) i = lastofs; // Not found + id[last++] = i; + } + lastid = id[--last]; +} + +# A variation of KnownForce configured to try all the 385641000 possible +# auto-generated passwords of DokuWiki versions up to at least 2013-05-10. +[List.External:DokuWiki] +int last; // Last character position, zero-based +int lastofs; // Last character position offset into charset[] +int lastid; // Current character index in the last position +int id[0x7f]; // Current character indices for other positions +int charset[0x7f00]; // Character sets, 0x100 elements for each position + +void init() +{ + int A[26], C[26], V[26]; + int length; + int pos, ofs, i, c; + + i = 0; while (i < 26) { A[i] = C[i] = 1; V[i++] = 0; } + i = 'a' - 'a'; C[i] = 0; V[i] = 1; + i = 'e' - 'a'; C[i] = 0; V[i] = 1; + i = 'i' - 'a'; C[i] = 0; V[i] = 1; + i = 'o' - 'a'; C[i] = 0; V[i] = 1; + i = 'u' - 'a'; C[i] = 0; V[i] = 1; + i = 'q' - 'a'; A[i] = C[i] = 0; + i = 'x' - 'a'; A[i] = C[i] = 0; + i = 'y' - 'a'; A[i] = C[i] = 0; + + length = 8; + +/* This defines the character sets for different character positions */ + pos = 0; + while (pos < 6) { + ofs = pos++ << 8; + i = 0; + c = 'a' - 1; + while (++c <= 'z') + if (C[c - 'a']) + charset[ofs + i++] = c; + charset[ofs + i] = 0; + ofs = pos++ << 8; + i = 0; + c = 'a' - 1; + while (++c <= 'z') + if (V[c - 'a']) + charset[ofs + i++] = c; + charset[ofs + i] = 0; + ofs = pos++ << 8; + i = 0; + c = 'a' - 1; + while (++c <= 'z') + if (A[c - 'a']) + charset[ofs + i++] = c; + charset[ofs + i] = 0; + } + c = '1'; + while (pos < length) { + ofs = pos++ << 8; + i = 0; + while (c <= '9') + charset[ofs + i++] = c++; + charset[ofs + i] = 0; + c = '0'; + } + + last = length - 1; + pos = -1; + while (++pos <= last) + word[pos] = charset[id[pos] = pos << 8]; + lastid = (lastofs = last << 8) - 1; + word[pos] = 0; +} + +void generate() +{ + int pos; + +/* Handle the typical case specially */ + if (word[last] = charset[++lastid]) return; + + word[pos = last] = charset[lastid = lastofs]; + while (pos--) { // Have a preceding position? + if (word[pos] = charset[++id[pos]]) return; + word[pos] = charset[id[pos] = pos << 8]; + } + + word = 0; // We're done +} + +void restore() +{ + int i, c; + +/* Calculate the current length and infer the character indices */ + last = 0; + while (c = word[last]) { + i = lastofs = last << 8; + while (charset[i] != c && charset[i]) i++; + if (!charset[i]) i = lastofs; // Not found + id[last++] = i; + } + lastid = id[--last]; +} + +# Strip 0.5 ("Secure Tool for Recalling Important Passwords") cracker, +# based on analysis done by Thomas Roessler and Ian Goldberg. This will +# crack passwords you may have generated with Strip; other uses of Strip +# are unaffected. +[List.External:Strip] +int minlength, maxlength, mintype, maxtype; +int crack_seed, length, type; +int count, charset[128]; + +void init() +{ + int c; + +/* Password lengths to try; Strip can generate passwords of 4 to 16 + * characters, but traditional crypt(3) hashes are limited to 8. */ + minlength = req_minlen; + if (minlength < 4) + minlength = 4; + if (req_maxlen) + maxlength = req_maxlen; + else // the format's limit + maxlength = cipher_limit; + if (maxlength >16) maxlength = 16; + +/* Password types to try (Numeric, Alpha-Num, Alpha-Num w/ Meta). */ + mintype = 0; // 0 + maxtype = 2; // 2 + + crack_seed = 0x10000; + length = minlength - 1; + type = mintype; + + count = 0; + c = '0'; while (c <= '9') charset[count++] = c++; +} + +void generate() +{ + int seed, random; + int i, c; + + if (crack_seed > 0xffff) { + crack_seed = 0; + + if (++length > maxlength) { + length = minlength; + + if (++type > maxtype) { + word[0] = 0; + return; + } + } + + count = 10; + if (type >= 1) { + c = 'a'; while (c <= 'f') charset[count++] = c++; + c = 'h'; while (c <= 'z') charset[count++] = c++; + c = 'A'; while (c <= 'Z') charset[count++] = c++; + } + if (type == 2) { + charset[count++] = '!'; + c = '#'; while (c <= '&') charset[count++] = c++; + c = '('; while (c <= '/') charset[count++] = c++; + c = '<'; while (c <= '>') charset[count++] = c++; + charset[count++] = '?'; charset[count++] = '@'; + charset[count++] = '['; charset[count++] = ']'; + charset[count++] = '^'; charset[count++] = '_'; + c = '{'; while (c <= '~') charset[count++] = c++; + } + } + + seed = (crack_seed++ << 16 >> 16) * 22695477 + 1; + + i = 0; + while (i < length) { + random = ((seed = seed * 22695477 + 1) >> 16) & 0x7fff; + word[i++] = charset[random % count]; + } + + word[i] = 0; +} + +/* + * This takes advantage of CVE-2013-2120 to find seeds that KDE Paste applet + * uses to generate passwords. + * + * This software is Copyright (c) Michael Samuel , + * and it is hereby released to the general public under the following terms: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + */ +[List.External:KDEPaste] +int charset[95]; +int charset_length, password_length, endTime, startTime, msec; + +void init() +{ + password_length = 8; /* Change this to match config */ + endTime = session_start_time; + startTime = 1343743200; /* Aug 1 2012 - Change this as necessary */ + + msec = 1; /* msec is never 0 - it would crash the applet */ + + charset_length = 0; + int c; + + /* Comment out classes that you don't need, but keep the order the same */ + /* Lowers */ + c = 'a'; while (c <= 'z') charset[charset_length++] = c++; + + /* Uppers */ + c = 'A'; while (c <= 'Z') charset[charset_length++] = c++; + + /* Numbers */ + c = '0'; while (c <= '9') charset[charset_length++] = c++; + charset[charset_length++] = '0'; /* Yep, it's there twice */ + + /* Symbols */ + c = '!'; while (c <= '/') charset[charset_length++] = c++; + c = ':'; while (c <= '@') charset[charset_length++] = c++; + c = '['; while (c <= '`') charset[charset_length++] = c++; + c = '{'; while (c <= '~') charset[charset_length++] = c++; +} + +void generate() +{ + int i, rand_seed, rand_result; + + /* Terminate once we've generated for all * + * of the time range (Plus a bit more...) */ + if (endTime + 1000 < startTime) { + word = 0; + return; + } + + /* Skip msecs that would generate dupes */ + while (endTime % msec != 0) { + if (++msec > 999) { + endTime--; + msec = 1; + } + } + + rand_seed = endTime / msec; + + i = 0; + while (i < password_length) { + /* this works like rand_r() from eglibc */ + rand_seed = rand_seed * 1103515245 + 12345; + rand_result = (rand_seed >> 16) & 2047; + + rand_seed = rand_seed * 1103515245 + 12345; + rand_result <<= 10; + rand_result ^= (rand_seed >> 16) & 1023; + + rand_seed = rand_seed * 1103515245 + 12345; + rand_result <<= 10; + rand_result ^= (rand_seed >> 16) & 1023; + + word[i++] = charset[rand_result % charset_length]; + } + word[i] = 0; + + if (++msec > 999) { + endTime--; + msec = 1; + } +} + +void restore() +{ + int i, rand_seed, rand_result; + + i = 0; + + /* Very crude restore, just dry-run until we hit last word */ + while (i != password_length) { + + while (endTime % msec != 0) { + if (++msec > 999) { + endTime--; + msec = 1; + } + } + + rand_seed = endTime / msec; + + i = 0; + while (i < password_length) { + /* this works like rand_r() from eglibc */ + rand_seed = rand_seed * 1103515245 + 12345; + rand_result = (rand_seed >> 16) & 2047; + + rand_seed = rand_seed * 1103515245 + 12345; + rand_result <<= 10; + rand_result ^= (rand_seed >> 16) & 1023; + + rand_seed = rand_seed * 1103515245 + 12345; + rand_result <<= 10; + rand_result ^= (rand_seed >> 16) & 1023; + + if (charset[rand_result % charset_length] != word[i++]) + break; + } + + if (++msec > 999) { + endTime--; + msec = 1; + } + } +} + +/* Awesome Password Generator RNG replay + * Written by Michael Samuel + * Public Domain. + * + * This takes advantage of a subtle bug, where a crypto RNG is used to + * seed the C# System.Random() class, which takes a 32-bit input, but + * converts negative numbers into non-negative numbers, resulting in + * only 31 bits of security. + * + * This only implements "easy to type" being *unticked*, and numbers, + * lowers, uppers and symbols being ticked, in random password mode. + * Changing the password length is easy, anything else is left as an + * exercise to the reader. + * + * Running Awesome Password Generator (1.3.2 or lower) in Mono is still + * vulnerable, but uses a different RNG, so this mode isn't compatible. + */ + +/* Awesome Password Generator 1.3.2 does a two-pass run, selecting which + * charset each position will have, then picking the character. This + * leads to heavy bias, and is fixed in 1.4.0 (along with many other + * fixes). If you have been using Awesome Password Generator, you should + * upgrade immediately and change your passwords. + */ +[List.External:AwesomePasswordGenerator] +int numbers[10]; +int lowers[26]; +int uppers[26]; +int symbols[32]; + +/* Since we don't have a double datatype, I simply pre-calculated the + * transition numbers calculating the scale formula: + * (double)randNum * 4.656612873077393e-10 * {4/10/26/32} + */ +int boundaries_charclass[4]; +int boundaries_numbers[10]; +int boundaries_letters[26]; +int boundaries_symbols[32]; + +/* This is the bug we're exploiting - the seed for the RNG is 32 bits + * from the crypto rng. The non-crypto RNG converts negative numbers + * into non-negative numbers, so there's only 2^31 possible seeds. + */ +int seed; + +int password_length; + +void init() +{ + password_length = 16; /* Change this to match config */ + + int c, i; + + c = '0'; i = 0; while (c <= '9') numbers[i++] = c++; + c = 'a'; i = 0; while (c <= 'z') lowers[i++] = c++; + c = 'A'; i = 0; while (c <= 'Z') uppers[i++] = c++; + + /* Symbols */ + i = 0; + symbols[i++] = '!'; symbols[i++] = '@'; symbols[i++] = '#'; symbols[i++] = '$'; + symbols[i++] = '%'; symbols[i++] = '^'; symbols[i++] = '&'; symbols[i++] = '*'; + symbols[i++] = '('; symbols[i++] = ')'; symbols[i++] = '~'; symbols[i++] = '-'; + symbols[i++] = '_'; symbols[i++] = '='; symbols[i++] = '+'; symbols[i++] = '\\'; + symbols[i++] = '|'; symbols[i++] = '/'; symbols[i++] = '['; symbols[i++] = ']'; + symbols[i++] = '{'; symbols[i++] = '}'; symbols[i++] = ';'; symbols[i++] = ':'; + symbols[i++] = '`'; symbols[i++] = '\''; symbols[i++] = '"'; symbols[i++] = ','; + symbols[i++] = '.'; symbols[i++] = '<'; symbols[i++] = '>'; symbols[i++] = '?'; + + i = 0; + boundaries_charclass[i++] = 536870912; boundaries_charclass[i++] = 1073741824; + boundaries_charclass[i++] = 1610612736; boundaries_charclass[i++] = 2147483647; + + i = 0; + boundaries_numbers[i++] = 214748365; boundaries_numbers[i++] = 429496730; + boundaries_numbers[i++] = 644245095; boundaries_numbers[i++] = 858993460; + boundaries_numbers[i++] = 1073741824; boundaries_numbers[i++] = 1288490189; + boundaries_numbers[i++] = 1503238554; boundaries_numbers[i++] = 1717986919; + boundaries_numbers[i++] = 1932735284; boundaries_numbers[i++] = 2147483647; + + i = 0; + boundaries_letters[i++] = 82595525; boundaries_letters[i++] = 165191050; + boundaries_letters[i++] = 247786575; boundaries_letters[i++] = 330382100; + boundaries_letters[i++] = 412977625; boundaries_letters[i++] = 495573150; + boundaries_letters[i++] = 578168675; boundaries_letters[i++] = 660764200; + boundaries_letters[i++] = 743359725; boundaries_letters[i++] = 825955250; + boundaries_letters[i++] = 908550775; boundaries_letters[i++] = 991146300; + boundaries_letters[i++] = 1073741824; boundaries_letters[i++] = 1156337349; + boundaries_letters[i++] = 1238932874; boundaries_letters[i++] = 1321528399; + boundaries_letters[i++] = 1404123924; boundaries_letters[i++] = 1486719449; + boundaries_letters[i++] = 1569314974; boundaries_letters[i++] = 1651910499; + boundaries_letters[i++] = 1734506024; boundaries_letters[i++] = 1817101549; + boundaries_letters[i++] = 1899697074; boundaries_letters[i++] = 1982292599; + boundaries_letters[i++] = 2064888124; boundaries_letters[i++] = 2147483647; + + i = 0; + boundaries_symbols[i++] = 67108864; boundaries_symbols[i++] = 134217728; + boundaries_symbols[i++] = 201326592; boundaries_symbols[i++] = 268435456; + boundaries_symbols[i++] = 335544320; boundaries_symbols[i++] = 402653184; + boundaries_symbols[i++] = 469762048; boundaries_symbols[i++] = 536870912; + boundaries_symbols[i++] = 603979776; boundaries_symbols[i++] = 671088640; + boundaries_symbols[i++] = 738197504; boundaries_symbols[i++] = 805306368; + boundaries_symbols[i++] = 872415232; boundaries_symbols[i++] = 939524096; + boundaries_symbols[i++] = 1006632960; boundaries_symbols[i++] = 1073741824; + boundaries_symbols[i++] = 1140850688; boundaries_symbols[i++] = 1207959552; + boundaries_symbols[i++] = 1275068416; boundaries_symbols[i++] = 1342177280; + boundaries_symbols[i++] = 1409286144; boundaries_symbols[i++] = 1476395008; + boundaries_symbols[i++] = 1543503872; boundaries_symbols[i++] = 1610612736; + boundaries_symbols[i++] = 1677721600; boundaries_symbols[i++] = 1744830464; + boundaries_symbols[i++] = 1811939328; boundaries_symbols[i++] = 1879048192; + boundaries_symbols[i++] = 1946157056; boundaries_symbols[i++] = 2013265920; + boundaries_symbols[i++] = 2080374784; boundaries_symbols[i++] = 2147483647; + + seed = 0; +} + +void generate() +{ + int i, j, s, next, nextp, val, bucket, randnum, used_charsets; + int seedarray[56]; + + /* BEGIN System.Random(seed) */ + if(seed < 0) { + /* Only bother with non-negative integers */ + word = 0; + return; + } + + s = 161803398 - seed++; + seedarray[55] = s; + i = val = 1; + + while(i < 55) { + bucket = 21 * i % 55; + seedarray[bucket] = val; + val = s - val; + if(val < 0) val += 2147483647; + s = seedarray[bucket]; + i++; + } + + i = 1; + while(i < 5) { + j = 1; + while(j < 56) { + seedarray[j] -= seedarray[1 + (j + 30) % 55]; + if(seedarray[j] < 0) seedarray[j] += 2147483647; + j++; + } + i++; + } + next = 0; + nextp = 21; + /* END System.Random(seed) */ + + used_charsets = 0; + while(used_charsets != 15) { + i = 0; + while(i < password_length) { + /* BEGIN Random.Sample() */ + if (++next >= 56) next = 1; + if (++nextp >= 56) nextp = 1; + randnum = seedarray[next] - seedarray[nextp]; + if (randnum == 2147483647) randnum--; + if (randnum < 0) randnum += 2147483647; + seedarray[next] = randnum; + /* END Random.Sample() */ + + j = 0; + while(boundaries_charclass[j] < randnum) j++; + + word[i] = j; /* Temporarily store in word[] */ + used_charsets |= (1 << j); + i++; + } + } + + i = 0; + while(i < password_length) { + /* BEGIN Random.Sample() */ + if (++next >= 56) next = 1; + if (++nextp >= 56) nextp = 1; + randnum = seedarray[next] - seedarray[nextp]; + if (randnum == 2147483647) randnum--; + if (randnum < 0) randnum += 2147483647; + seedarray[next] = randnum; + /* END Random.Sample() */ + j = 0; + + if(word[i] == 0) { + while(boundaries_letters[j] < randnum) j++; + word[i++] = lowers[j]; + } else if (word[i] == 1) { + while(boundaries_letters[j] < randnum) j++; + word[i++] = uppers[j]; + } else if (word[i] == 2) { + while(boundaries_numbers[j] < randnum) j++; + word[i++] = numbers[j]; + } else { /* if (word[i] == 3) */ + while(boundaries_symbols[j] < randnum) j++; + word[i++] = symbols[j]; + } + } + word[i] = 0; +} + + +void restore() +{ + int i, j, s, next, nextp, val, bucket, randnum, used_charsets; + int seedarray[56]; + int candidate[32]; /* This needs to be at-least as big as password-length */ + + seed = 0; + + while(seed > 0) { + /* BEGIN System.Random(seed) */ + s = 161803398 - seed++; + seedarray[55] = s; + i = val = 1; + + while(i < 55) { + bucket = 21 * i % 55; + seedarray[bucket] = val; + val = s - val; + if(val < 0) val += 2147483647; + s = seedarray[bucket]; + i++; + } + + i = 1; + while(i < 5) { + j = 1; + while(j < 56) { + seedarray[j] -= seedarray[1 + (j + 30) % 55]; + if(seedarray[j] < 0) seedarray[j] += 2147483647; + j++; + } + i++; + } + next = 0; + nextp = 21; + /* END System.Random(seed) */ + + used_charsets = 0; + while(used_charsets != 15) { + i = 0; + while(i < password_length) { + /* BEGIN Random.Sample() */ + if (++next >= 56) next = 1; + if (++nextp >= 56) nextp = 1; + randnum = seedarray[next] - seedarray[nextp]; + if (randnum == 2147483647) randnum--; + if (randnum < 0) randnum += 2147483647; + seedarray[next] = randnum; + /* END Random.Sample() */ + + j = 0; + while(boundaries_charclass[j] < randnum) j++; + + candidate[i] = j; + used_charsets |= (1 << j); + i++; + } + } + + i = 0; + while(i < password_length) { + /* BEGIN Random.Sample() */ + if (++next >= 56) next = 1; + if (++nextp >= 56) nextp = 1; + randnum = seedarray[next] - seedarray[nextp]; + if (randnum == 2147483647) randnum--; + if (randnum < 0) randnum += 2147483647; + seedarray[next] = randnum; + /* END Random.Sample() */ + j = 0; + + if(candidate[i] == 0) { + while(boundaries_letters[j] < randnum) j++; + if(lowers[j] != word[i++]) break; + } else if (candidate[i] == 1) { + while(boundaries_letters[j] < randnum) j++; + if(uppers[j] != word[i++]) break; + } else if (candidate[i] == 2) { + while(boundaries_numbers[j] < randnum) j++; + if(numbers[j] != word[i++]) break; + } else { /* if (word[i] == 3) */ + while(boundaries_symbols[j] < randnum) j++; + if(symbols[j] != word[i++]) break; + } + } + if(i == password_length) return; + } +} + +# Append the Luhn algorithm digit to arbitrary all-digit strings. Optimized +# for speed, not for size nor simplicity. The primary optimization trick is to +# compute the length and four sums in parallel (in two SIMD'ish variables). +# Then whether the length is even or odd determines which two of the four sums +# are actually used. Checks for non-digits and for NUL are packed into the +# SIMD'ish bitmasks as well. +[List.External:AppendLuhn] +int map1[0x100], map2[0x1fff]; + +void init() +{ + int i; + + map1[0] = ~0x7fffffff; + i = 1; + while (i < 0x100) + map1[i++] = ~0x7effffff; + i = -1; + while (++i < 10) + map1['0' + i] = i + ((i * 2 % 10 + i / 5) << 12); + i = -1; + while (++i < 0x1fff) { + if (i % 10) + map2[i] = '9' + 1 - i % 10; + else + map2[i] = '0'; + } +} + +void filter() +{ + int i, o, e; + + i = o = e = 0; + while ((o += map1[word[i++]]) >= 0) { + if ((e += map1[word[i++]]) >= 0) + continue; + if (e & 0x01000000) + return; // Not all-digit, leave unmodified + word[i--] = 0; + word[i] = map2[(e & 0xfff) + (o >> 12)]; + return; + } + if (o & 0x01000000) + return; // Not all-digit, leave unmodified + word[i--] = 0; + word[i] = map2[(o & 0xfff) + (e >> 12)]; +} + # Simple password policy matching: require at least one digit. [List.External:AtLeast1-Simple] void filter() @@ -3240,55 +3510,6 @@ void filter() word = 0; // Does not conform to policy } -# Append the Luhn algorithm digit to arbitrary all-digit strings. Optimized -# for speed, not for size nor simplicity. The primary optimization trick is to -# compute the length and four sums in parallel (in two SIMD'ish variables). -# Then whether the length is even or odd determines which two of the four sums -# are actually used. Checks for non-digits and for NUL are packed into the -# SIMD'ish bitmasks as well. -[List.External:AppendLuhn] -int map1[0x100], map2[0x1fff]; - -void init() -{ - int i; - - map1[0] = ~0x7fffffff; - i = 1; - while (i < 0x100) - map1[i++] = ~0x7effffff; - i = -1; - while (++i < 10) - map1['0' + i] = i + ((i * 2 % 10 + i / 5) << 12); - i = -1; - while (++i < 0x1fff) { - if (i % 10) - map2[i] = '9' + 1 - i % 10; - else - map2[i] = '0'; - } -} - -void filter() -{ - int i, o, e; - - i = o = e = 0; - while ((o += map1[word[i++]]) >= 0) { - if ((e += map1[word[i++]]) >= 0) - continue; - if (e & 0x01000000) - return; // Not all-digit, leave unmodified - word[i--] = 0; - word[i] = map2[(e & 0xfff) + (o >> 12)]; - return; - } - if (o & 0x01000000) - return; // Not all-digit, leave unmodified - word[i--] = 0; - word[i] = map2[(o & 0xfff) + (e >> 12)]; -} - # Trivial Rotate function, which rotates letters in a word # by a given number of places (like 13 in case of ROT13). # Words which don't contain any letters (and thus wouldn't be changed diff --git a/dotfiles/rvmrc b/dotfiles/rvmrc new file mode 100644 index 0000000..a495680 --- /dev/null +++ b/dotfiles/rvmrc @@ -0,0 +1 @@ +rvm_silence_path_mismatch_check_flag=1 diff --git a/dotfiles/vim/pack/matir/opt/solarized8 b/dotfiles/vim/pack/matir/opt/solarized8 index b9731ee..9afbe12 160000 --- a/dotfiles/vim/pack/matir/opt/solarized8 +++ b/dotfiles/vim/pack/matir/opt/solarized8 @@ -1 +1 @@ -Subproject commit b9731eed54c9ed9520d19c08b582f8e8f8355576 +Subproject commit 9afbe12f68082df4fab92d3cef3050910e7e9af2 diff --git a/dotfiles/vim/pack/matir/start/editorconfig b/dotfiles/vim/pack/matir/start/editorconfig index 68f8136..c718cef 160000 --- a/dotfiles/vim/pack/matir/start/editorconfig +++ b/dotfiles/vim/pack/matir/start/editorconfig @@ -1 +1 @@ -Subproject commit 68f8136d2b018bfa9b23403e87d3d65bc942cbc3 +Subproject commit c718cefc51ccdaf7bd27c4c1ae2de55103434241 diff --git a/dotfiles/vim/pack/matir/start/fugitive b/dotfiles/vim/pack/matir/start/fugitive index bd0b87d..c63fd1b 160000 --- a/dotfiles/vim/pack/matir/start/fugitive +++ b/dotfiles/vim/pack/matir/start/fugitive @@ -1 +1 @@ -Subproject commit bd0b87d36ad80e8acd94f22028d15ebb441b1c28 +Subproject commit c63fd1b71be037d4fd583649303875ad0fd17b57 diff --git a/dotfiles/vim/pack/matir/start/surround b/dotfiles/vim/pack/matir/start/surround index 5970688..fab8621 160000 --- a/dotfiles/vim/pack/matir/start/surround +++ b/dotfiles/vim/pack/matir/start/surround @@ -1 +1 @@ -Subproject commit 597068870b8f093a8b2d11536c62ff31222ee8d0 +Subproject commit fab8621670f71637e9960003af28365129b1dfd0 diff --git a/dotfiles/vim/pack/matir/start/syntastic b/dotfiles/vim/pack/matir/start/syntastic index 9f43dcb..0336c35 160000 --- a/dotfiles/vim/pack/matir/start/syntastic +++ b/dotfiles/vim/pack/matir/start/syntastic @@ -1 +1 @@ -Subproject commit 9f43dcb5a244faba6aedb6879b75a56c7de4b8ff +Subproject commit 0336c35c0b10b46d85cdd9c3df721f978429e82c diff --git a/dotfiles/vim/pack/matir/start/vim-go b/dotfiles/vim/pack/matir/start/vim-go index 58cda9d..8cecefd 160000 --- a/dotfiles/vim/pack/matir/start/vim-go +++ b/dotfiles/vim/pack/matir/start/vim-go @@ -1 +1 @@ -Subproject commit 58cda9d64bb822ed567ed775e30839d7344feb4a +Subproject commit 8cecefd77a40e8c9b9bbdbd2475a3f5bc64f591a diff --git a/dotfiles/zprezto b/dotfiles/zprezto index 1f4601e..8914274 160000 --- a/dotfiles/zprezto +++ b/dotfiles/zprezto @@ -1 +1 @@ -Subproject commit 1f4601e44c989b90dc7314b151891fa60a101251 +Subproject commit 8914274ca9f7b997d4a1663e0f290c691772db7f diff --git a/dotfiles/zpreztorc b/dotfiles/zpreztorc index e966c67..0babb44 100644 --- a/dotfiles/zpreztorc +++ b/dotfiles/zpreztorc @@ -80,6 +80,9 @@ zstyle ':prezto:module:editor' key-bindings 'vi' # Ignore submodules when they are 'dirty', 'untracked', 'all', or 'none'. # zstyle ':prezto:module:git:status:ignore' submodules 'all' +# Don't set up aliases I never use +zstyle ':prezto:module:git:alias' skip 'yes' + # # GNU Utility # diff --git a/dotfiles/zshrc b/dotfiles/zshrc index 320013c..a25dacb 100755 --- a/dotfiles/zshrc +++ b/dotfiles/zshrc @@ -59,7 +59,8 @@ bindkey '^r' history-incremental-search-backward # Source extras and aliases if interactive if [[ $- == *i* ]] ; then if [[ -e $HOME/.aliases ]] ; then source $HOME/.aliases ; fi - for file in $HOME/.zshrc.d/* ; do source "$file" ; done + # zsh-only-ism to avoid error if glob doesn't expand + for file in $HOME/.zshrc.d/*(N) ; do source "$file" ; done fi # In case ack is named ack-grep @@ -75,5 +76,11 @@ if command -v most >/dev/null 2>&1; then export PAGER="most" fi +# Enable grc if we have it +if ls --version 2>&1 >/dev/null ; then + alias ls='ls --color -C' +fi +[[ -s "/etc/grc.zsh" ]] && source /etc/grc.zsh + # Load any local settings if [ -e $HOME/.zshrc.local ] ; then source $HOME/.zshrc.local ; fi diff --git a/packages.cli b/packages.cli index 4768b67..2d32633 100644 --- a/packages.cli +++ b/packages.cli @@ -4,6 +4,7 @@ cryptsetup dsniff ecryptfs-utils exuberant-ctags +grc iftop iptraf ipython diff --git a/packages.fonts b/packages.fonts new file mode 100644 index 0000000..8176303 --- /dev/null +++ b/packages.fonts @@ -0,0 +1,21 @@ +fonts-anonymous-pro +fonts-dejavu +fonts-dseg +fonts-elusive-icons +fonts-font-awesome +fonts-freefont-otf +fonts-hack +fonts-inconsolata +fonts-larabie-deco +fonts-larabie-straight +fonts-larabie-uncommon +fonts-noto +fonts-ocr-a +fonts-ocr-b +fonts-open-sans +fonts-oxygen +fonts-roboto +fonts-stix +fonts-ubuntu +ttf-mscorefonts-installer +ttf-xfree86-nonfree