Comments for Lepton's Crack

02 Sep 2004 16:10 lepton

Mingw support


I've done a couple of changes in sha1.h, md5.c solving some compatibility problems.

Also, LCrack can now be compiled under the MINGW environment (gettimeofday() is now implemented for MingW, and %llu is replaced by %I64u -- don't worry, it's all #ifdef'd, so Unix/Linux/Cygwin works like always..)

02 Sep 2004 12:55 lepton

Improvements and new features..


Hi all,

After a long time, I'm back with lcrack :)

The regex's are now enumerated in increasing-length order, and the speed penalty is very small (if you prefer the 'old' way of enumerating regex's, use the '-g#' switch instead of '-g')

I've also added a separate 'regex' program that enumerates the expression (with the 'usual' -s, -l and -g[#]) and dumps it to stdout..

I'm now also making a program called 'mktbl' that generates pre-computed tables for faster cracking. Input is stdin (one word per line), and output is a binary file suitable for use with '-xf+ -t' in lcrack. The program is already finished, but I'm testing it..

I still haven't integrated my version with Bruneti's improvements, but hopefully I'll take care of that soon..

I will shortly update the lycos site and the stuff here..

Lepton.

11 Aug 2004 02:36 nekromancer

Re: Hi from Argentina!!!!!
Hi Umpy

Nice to "see" you here ;-)
Are you "still in the business"? email me privately please.
Cheers,

Nekromancer

11 Aug 2004 02:35 nekromancer

Re: Can you make it faster?
Hi Erman,

I ALSO use John the Ripper when bruteforce cracking speed or password mangling is a must ;-)
I use Lepton's Crack for the features that make it unique:

a) REGEX support (see the link to the demo above)
b) Lotus Domino R4 support
c) SHA-1 support

Answering your question, the code is almost as fast as possible using pure C language (OK, someone can improve it, for sure ;-)
To make it faster, portions of it have to be coded in machine language, thus losing portability, and it's definitely not our intention to do that in the immediate future.
Cheers,

Nekromancer

11 Aug 2004 01:55 lcheseline

Hi from Argentina!!!!!
Hello Mike!

Wonderful to see that you are still active with the tool.

Greetings from one of your students @CIUA!

CU

Lord Cheseline

aka Umpy ;-)

11 Aug 2004 01:19 ErmanG

Can you make it faster?
I regularly use John The Ripper, mainly because it is 8 times faster than lcrack, but it lacks regex and sha-1 support.

10 Aug 2004 03:52 nekromancer

About the use of wildcards in the REGEX functionality
Well... I don't know if some people discovered that, but we never mentioned this in the documentation ;-)

Lepton's Crack 20030404 and newer HAS wildcard support in the REGEX functionality, that allows variable length support.

In this case, the -l modifier (normally used to specify the maximum length to try for the entire password) has a slightly different meaning. It specifies the length of the variable (wildcard) section.

Example:

For some strange reason, I know that a password starts with sjk (not sure about the case), but I'm not sure what comes after that or how many keys were pressed, and it ends with 56.

./lcrack -m nt4 -g [sS][jJ][kK][*][5][6] -xb+ -l 4 crackme.txt

This will scan passwords with up to 4 characters in the wildcard position.

./lcrack -m nt4 -g [sS][jJ][kK][*][5][6] -xb+ -l 8 crackme.txt

This will scan passwords with up to 8 characters in the wildcard position, and will take loooong.

All other characters will follow the standard REGEX rules:

1st character: s or S

2nd character: j or J

3rd character: k or K

last 2 characters: 56

The reason it will take long in the second example is because currently lcrack starts testing with the longest string, and proceeds down to 1 character.

That means that:

a) we've to change the routine to start with the shortest string, and proceed up to the longest

b) in the meantime, it's better for you if you start with a short string, and if there's no match try a longer one, sorry!

Cheers,

Nekromancer
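
Added example, not part of the original post and not lcrack's own code: it counts the candidates the pattern above generates per wildcard length and compares how many are tried before a given length is reached when scanning longest-first (as described) versus shortest-first. Assumptions: every character inside a bracket group is a literal alternative, the wildcard runs from 1 to the -l value, and the wildcard alphabet has 36 symbols (the post does not say what [*] covers).

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Product of the sizes of the fixed classes in a pattern such as
 * [sS][jJ][kK][*][5][6]; the [*] group is skipped and counted separately.
 * Returns 0 for a malformed pattern (unclosed or empty group). */
static uint64_t fixed_combinations(const char *pat)
{
    uint64_t total = 1;
    while (*pat) {
        if (*pat != '[') return 0;
        const char *end = strchr(pat + 1, ']');
        if (!end || end == pat + 1) return 0;
        size_t n = (size_t)(end - pat - 1);
        if (!(n == 1 && pat[1] == '*')) total *= n;
        pat = end + 1;
    }
    return total;
}

/* Candidates whose wildcard part is exactly `len` characters long. */
static uint64_t candidates_at(uint64_t fixed, unsigned charset, unsigned len)
{
    uint64_t n = fixed;
    while (len--) n *= charset;
    return n;
}

/* Candidates tried before wildcard length `target` (>= 1) is reached. */
static uint64_t tried_before(uint64_t fixed, unsigned charset,
                             unsigned maxlen, unsigned target, int longest_first)
{
    uint64_t sum = 0;
    unsigned lo = longest_first ? target + 1 : 1;
    unsigned hi = longest_first ? maxlen : target - 1;
    for (unsigned len = lo; len <= hi; len++)
        sum += candidates_at(fixed, charset, len);
    return sum;
}

int main(void)
{
    const unsigned charset = 36;   /* assumed wildcard alphabet size */
    uint64_t fixed = fixed_combinations("[sS][jJ][kK][*][5][6]");
    for (unsigned maxlen = 4; maxlen <= 8; maxlen += 4)   /* -l 4 and -l 8 */
        printf("-l %u: wildcard length 2 reached after %" PRIu64
               " (longest-first) vs %" PRIu64 " (shortest-first)\n", maxlen,
               tried_before(fixed, charset, maxlen, 2, 1),
               tried_before(fixed, charset, maxlen, 2, 0));
    return 0;
}
```

The same arithmetic gives a defender the size of the search space left once part of a password is known.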

30 Jul 2004 05:44 nekromancer

Crack mode in latest development branch (20031130)
Piero changed the default crack mode to NONE in engine.c

That means that you HAVE to specify at least 1 cracking mode with:

-xl+ : login mode

-xf+ : fast word list mode

-xs+ : smart word list mode

-xb+ : brute-force mode

Of course you can specify more than one (example):

./lcrack -m dom -xl+ -xb+ hashes.txt

will try login mode first, then incremental (bruteforce).

30 Jul 2004 05:39 nekromancer

Solving compiling problems with gcc 3.x
As mentioned in Lepton's Crack original site (http://usuarios.lycos.es/reinob/):

If you run into problems trying to compile it with gcc 3.x, modify the file sha1.h as follows (i.e.: remove the old code, put in the new one):

OLD CODE:

#ifdef __USE_ISOC99
#include <stdint.h>
#else
/*
 * If you do not have the ISO standard
 * stdint.h header file, then you
 * must typdef the following:
 *    name              meaning
 *  uint32_t         unsigned 32 bit integer
 *  uint8_t          unsigned 8 bit integer (i.e., unsigned char)
 *  int_least16_t    integer of >= 16 bits
 *
 */
typedef unsigned int uint32_t;
typedef unsigned char uint8_t;
typedef short int int_least16_t;
#endif

NEW CODE THAT WORKS:

#include <stdint.h>

23 Jul 2004 04:23 nekromancer

Re: CLUSTER
Hi Gordon,

The application itself doesn't contemplate clustering, but I did some testing using clusterKnoppix and splitting the file with the hashes in as many parts as nodes I had in the cluster.
With this setup, clusterKnoppix itself took care to migrate every instance of lcrack into a separate node, and all of them run at full speed.
In my opinion it is the best way to "clusterize" Lepton's Crack.
Cheers,

Nekromancer
