This is version 5 of a patch for John the Ripper http://www.openwall.com/john/ to allow cracking OpenVMS (Vax and Alpha) passwords. It was written by Jean-loup Gailly, based on code from Shawn Clifford, Davide Casale and Mario Ambrogetti. The patch was made for John 1.6.32 but may work for later versions. This tool is designed for system administrators to detect users who too often select very bad passwords, too easily guessable. To apply the patch, get john-1.6.tar.gz and john-1.6.32.tar.gz from http://www.openwall.com/john/ then do: tar xfz john-1.6.tar.gz tar xfz john-1.6.32.tar.gz mv john-1.6.32 john-1.6.32vms tar xfz john-1.6.32-VMS-patch-5.tar.gz cp john-1.6/doc/* john-1.6.32vms/doc/ cp john-1.6/run/*.chr john-1.6.32vms/run/ cd john-1.6.32vms patch -p0 < john-VMS.diff But if you want to run John on VMS, you don't have to compile it yourself, you can get VMS executables directly (see link below). To get unuaf, simply copy john.exe to unuaf.exe. This patch has been tested on x86 (Linux), Alpha (VMS and FreeBSD), Vax (VMS), Sparc (SunOS), PA-RISC (HP-UX and Linux). The VMS Alpha executable was made with Dec C 6.0 because the version compiled with Compaq C 6.5 does not work for Blowfish and NTLM; the option /noopt was used for VMS_std.c. On x86, asm code is used for speed but a portable C version is included as well. The asm version checks about 200,000 passwords per second on a 1 Ghz system. To compile on VMS, get: . make: http://www.openvms.compaq.com/freeware/freeware50/gnumake/ . gzip: http://www.openvms.compaq.com/freeware/freeware50/gzip-1-2-4x/ . tar: http://www.openvms.compaq.com/freeware/freeware50/vmstar/ and set: $ echo :== write sys$output before using make. To crack VMS passwords, you can use the native Alpha or Vax executable of John, but for better speed you can transfer the file sys$system:sysuaf.dat in binary mode to an x86 system running John. Note that you must be a system administrator to have read access to the sysuaf file. In all cases, be very careful of not giving others read access to your copy of sysuaf.dat. Use an encrypted protocol such as scp (not ftp) to transfer any file to a remote system. Run unuaf to convert sysuaf.dat to a format usable by John: unuaf sysuaf.dat > sysuaf.john On VMS use: pipe run unuaf > sysuaf.john If unuaf can't read correctly the original indexed file sysuaf.dat, run the following commands on VMS to convert it to a sequential format: $ create sysuaf.fdl file organization sequential record block_span yes carriage_control none format undefined size 1412 $ ! type ^Z if not in a command file to finish the create operation $ convert /fdl=sysuaf.fdl sysuaf.dat sysuaf.seq $ pipe mcr []unuaf.exe sysuaf.seq > sysuaf.john If unuaf.exe is not in the current directory, modify [] above. In john.conf, replace List.Rules:Wordlist with List.Rules:Wordlist2 and List.Rules:WordlistVMS with List.Rules:Wordlist You can get wordlists from ftp://ftp.ox.ac.uk/pub/wordlists/ To create wordlists optimised for VMS, remember that VMS passwords can only contain uppercase letters, digits and the characters '$' and '_'. A good way to reduce a generic wordlist for VMS is: tr a-z A-Z < wordlist | tr -cd 'A-Z0-9$_\n' | sort -u > wordlist.vms For convenience, the VMS cracker forces all passwords to uppercase anyway, so you can use a wordlist in lowercase, or the single crack mode which generates lowercase guesses. For speed, the VMS cracker doesn't check that the password contains only legal characters so to avoid wasting time create wordlists with only legal characters (upper or lower case). For the incremental mode, generate your own vms.chr if you have a large john.pot file already: john -makechars:vms.chr -external:filter_vms or just use directly: john -i:vms passwd-file For general questions about John the Ripper, please refer to its documentation, available in http://www.openwall.com/john/john-1.6.tar.gz This file: http://jl.gailly.net/security/README.VMS VMS patch: http://jl.gailly.net/security/john-1.6.32-VMS-patch-5.tar.gz Signature: http://jl.gailly.net/security/john-1.6.32-VMS-patch-5.tar.gz.sig All patched sources: http://jl.gailly.net/security/john-1.6.32-VMS-5.tar.gz Signature: http://jl.gailly.net/security/john-1.6.32-VMS-5.tar.gz.sig VMS executables: http://jl.gailly.net/security/john-1_6_32-vms-5.zip Signature: http://jl.gailly.net/security/john-1_6_32-vms-5.zip.sig unzip to extract: http://www.openvms.compaq.com/freeware/freeware50/info-zip/ Revision history: 25 nov 2002: patch 1, first VMS patch, x86 only 30 nov 2002: patch 2, port to Alpha and Vax 3 dec 2002: patch 3, port to big endian systems, with bugs in Purdy1 and unuaf 4 dec 2002: patch 4, bug fixes in Purdy1 (thanks to Solar Designer) and unuaf 11 dec 2002: patch 5, significant speed improvements: use "long long" if possible, reduce the number of multiplications and avoid useless modulo P operations. Support non blocking IO on VMS (thanks to Martin Vorlaender). Cleanup VMS_std.c, avoid duplication of code, use mul32by32 from math.c. Jean-loup Gailly http://gailly.net PGP or GPG key: http://jl.gailly.net/jloup.asc fingerprint: E3EC F4DF 7EDB E724 A3EC FBC2 D9A2 7D25 0196 71A7