Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Mar 2012 15:45:11 +0100
From: Andres Ederra <andres.ederra@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking RACF passwords

Hi Alexander (and all),

I just want to encourage you about creating racf support for john.

You are not alone with the effort, I am also very interested... maybe
and only maybe I could get some company resources to work on that
too...

Anyway as far as I have investigated the issue the problem is to learn
the RACF algorithm, coding it as a john module its a no-issue.

I'm afraid that the people who know that info maybe retired (or
dead...) and IBM is not going to collaborate that much (I would want
to be wrong but...)

There is always the possibility to reverse-engineer the cracf.exe and
weakword.exe but that is a costly and painful road... (btw, afaik,
that is completely legal for interoperability, with its the exact
case, at least in Europe or at least in my country... ).

In any case I haven't find the resources to properly investigate the
issue... but it looks like Tierry Falissard work is promising (even if
you have to jump through some loops to access its web and
downloads...)

Have anyone checked this source code? http://pastebin.com/g2tVcEww I
know nothing about os-390 asm ... does it rely on a racf library? or
we can learn something about the algorithm from it?

Best regards

Andrés

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ