March 02, 2004 (technical)

A Peek Inside JtR

MD5 related files: MD5_std.h MD5_std.c MD5_fmt.c formats.h formats.c
As mentioned yesterday, MD5_std.c contains all the code necessary to perform MD5 password checks, and the MD5_body() function is, to some extent, a direct copy of the MD5 algorithm as set out in RFC 1321. This function is called multiple times from within MD5_std_crypt().

To allow JtR to use different encryption algorithms, formats.h describes a structure in which each algorithm stores various descriptive elements as well as links to its functions: initialisation, ciphertext checks, splitting, conversion, hashing, the actual crypt task, and comparison. This makes a lot of sense when viewing the fmt_MD5 struct as defined in MD5_fmt.c.

Apart from this structure, this file also reveals important information about the algorithm, such as the maximum length of plain-text passwords (15), the length of the ciphertext (22), the size of the binary ciphertext in bytes (4), and the size of the internal salt representation in bytes (8).

Returning to formats.h, the fmt_main structure is used by john.c itself as a way of registering all of the different algorithms at its disposal, which implies that adding a new algorithm is quite simple, as long as it conforms to the structures laid out by formats.h.
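To make the descriptor-plus-registry idea concrete, here is a simplified model added as an example; it is not JtR's code, and the names `fmt_model`, `fmt_register_model` and `fmt_detect_model` are hypothetical. It uses the four sizes quoted above and assumes the usual `$1$<salt>$<hash>` layout of MD5-based crypt strings, which the post does not spell out.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of a format descriptor: parameters plus function links.
   All names are illustrative assumptions, not JtR's real definitions. */
struct fmt_model {
    const char *label;
    int plaintext_length;   /* maximum plain-text password length */
    int ciphertext_length;  /* length of the encoded hash */
    int binary_size;        /* bytes of binary ciphertext */
    int salt_size;          /* bytes of internal salt representation */
    int (*valid)(const char *ciphertext);  /* ciphertext check */
    struct fmt_model *next; /* link to the next registered format */
};

static const char itoa64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Accept "$1$<salt, at most 8 chars>$<22 chars from the itoa64 alphabet>". */
static int md5_valid(const char *c)
{
    if (strncmp(c, "$1$", 3) != 0) return 0;
    const char *salt = c + 3;
    size_t slen = strcspn(salt, "$");
    if (slen > 8 || salt[slen] != '$') return 0;
    const char *hash = salt + slen + 1;
    return strlen(hash) == 22 && strspn(hash, itoa64) == 22;
}

static struct fmt_model fmt_md5_model = { "md5", 15, 22, 4, 8, md5_valid, NULL };
static struct fmt_model *fmt_list_model = NULL;

/* Registering a format just links its descriptor into the list. */
void fmt_register_model(struct fmt_model *f) { f->next = fmt_list_model; fmt_list_model = f; }

/* Return the first registered format whose valid() accepts the string. */
struct fmt_model *fmt_detect_model(const char *ciphertext)
{
    for (struct fmt_model *f = fmt_list_model; f; f = f->next)
        if (f->valid(ciphertext)) return f;
    return NULL;
}

int main(void)
{
    fmt_register_model(&fmt_md5_model);
    const char *sample = "$1$saltsalt$abcdefghijklmnopqrstuv"; /* constructed */
    struct fmt_model *f = fmt_detect_model(sample);
    printf("%s\n", f ? f->label : "unrecognised");
    return 0;
}
```

The caller never names an algorithm; it only walks the list and calls through the function pointer, which is why a new format needs nothing more than a descriptor and a registration call.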

Posted by xntrik at March 2, 2004 07:07 PM