ddouhine · September 12, 2018 12:10
diff --git a/[JtR] Add JBoss||Wildfly hash format b/[JtR] Add JBoss||Wildfly hash format
 /////////////////////////////////////////////////////////////////////////////////////////////
 Add these lines to JtR /run/dynamic.conf:
 /////////////////////////////////////////////////////////////////////////////////////////////
 [List.Generic:dynamic_1591]
 Expression=md5($u:ManagementRealm:$p)
 CONST1=:ManagementRealm:
 Flag=MGF_USERNAME
 Flag=MGF_NOTSSE2Safe
 Func=DynamicFunc__clean_input
 Func=DynamicFunc__append_userid
 Func=DynamicFunc__append_input1_from_CONST1
 Func=DynamicFunc__append_keys
 Func=DynamicFunc__crypt_md5
 Test=$dynamic_1591$1c3470194afdc84b90a0781c5e4462fc:test:user

 /////////////////////////////////////////////////////////////////////////////////////////////
 JBoss hash creation
 /////////////////////////////////////////////////////////////////////////////////////////////
 root@kali:~/ts/jboss-as-7.1.1.Final/bin# ./add-user.sh

 What type of user do you wish to add?
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)
 (a): a

 Enter the details of the new user to add.
 Realm (ManagementRealm) :
 Username : user
 Password :
 Re-enter Password :
 About to add user 'user' for realm 'ManagementRealm'
 Is this correct yes/no? yes
 Added user 'user' to file '/root/ts/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties'
 Added user 'user' to file '/root/ts/jboss-as-7.1.1.Final/domain/configuration/mgmt-users.properties'

 root@kali:~/ts/jboss-as-7.1.1.Final/bin# cat /root/ts/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties
 #
 # Properties declaration of users for the realm 'ManagementRealm' which is the default realm
 # for new AS 7.1 installations. Further authentication mechanism can be configured
 # as part of the <management /> in standalone.xml.
 #
 # Users can be added to this properties file at any time, updates after the server has started
 # will be automatically detected.
 #
 # By default the properties realm expects the entries to be in the format: -
 # username=HEX( MD5( username ':' realm ':' password))
 #
 # A utility script is provided which can be executed from the bin folder to add the users: -
 # - Linux
 #  bin/add-user.sh
 #
 # - Windows
 #  bin\add-user.bat

 # The following illustrates how an admin user could be defined, this
 # is for illustration only and does not correspond to a usable password.
 #
 user=1c3470194afdc84b90a0781c5e4462fc

 root@kali:/opt/bleeding-jumbo/JohnTheRipper/run# pythonPython 2.7.13 (default, Jan 19 2017, 14:48:08)[GCC 6.3.0 20170118] on linux2Type "help", "copyright", "credits" or "license" for more information.
 >>> import hashlib; md5sum = hashlib.md5("user:ManagementRealm:test").hexdigest(); print md5sum
 1c3470194afdc84b90a0781c5e4462fc
 >>> quit()

 /////////////////////////////////////////////////////////////////////////////////////////////
 JtR test
 /////////////////////////////////////////////////////////////////////////////////////////////
 root@kali:/opt/bleeding-jumbo/JohnTheRipper/run# cat bibi
 davy:0d1677df470e9b391d31a156d2754713

 root@kali:/opt/bleeding-jumbo/JohnTheRipper/run# ./john --format=dynamic_1591 bibi
 Using default input encoding: UTF-8
 Loaded 1 password hash (dynamic_1591 [md5($u:ManagementRealm:$p) 32/64 x2 (MD5_body)])
 Warning: no OpenMP support for this hash type, consider --fork=8
 Press 'q' or Ctrl-C to abort, almost any other key for status
 password         (davy)
 1g 0:00:00:00 DONE 2/3 (2016-04-15 08:57) 5.882g/s 14758p/s 14758c/s 14758C/s 123456..phillips
 Use the "--show" option to display all of the cracked passwords reliably
 Session completed

 /////////////////////////////////////////////////////////////////////////////////////////////
 one-liner (thx to Solar Designer)
 /////////////////////////////////////////////////////////////////////////////////////////////
 --format='dynamic=md5($u.$c1.$p),c1=:ManagementRealm:'

 ref: https://www.openwall.com/lists/john-users/2016/04/17/1
	/////////////////////////////////////////////////////////////////////////////////////////////
	Add these lines to JtR /run/dynamic.conf:
	/////////////////////////////////////////////////////////////////////////////////////////////
	[List.Generic:dynamic_1591]
	Expression=md5($u:ManagementRealm:$p)
	CONST1=:ManagementRealm:
	Flag=MGF_USERNAME
	Flag=MGF_NOTSSE2Safe
	Func=DynamicFunc__clean_input
	Func=DynamicFunc__append_userid
	Func=DynamicFunc__append_input1_from_CONST1
	Func=DynamicFunc__append_keys
	Func=DynamicFunc__crypt_md5
	Test=$dynamic_1591$1c3470194afdc84b90a0781c5e4462fc:test:user

	/////////////////////////////////////////////////////////////////////////////////////////////
	JBoss hash creation
	/////////////////////////////////////////////////////////////////////////////////////////////
	root@kali:~/ts/jboss-as-7.1.1.Final/bin# ./add-user.sh

	What type of user do you wish to add?
	a) Management User (mgmt-users.properties)
	b) Application User (application-users.properties)
	(a): a

	Enter the details of the new user to add.
	Realm (ManagementRealm) :
	Username : user
	Password :
	Re-enter Password :
	About to add user 'user' for realm 'ManagementRealm'
	Is this correct yes/no? yes
	Added user 'user' to file '/root/ts/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties'
	Added user 'user' to file '/root/ts/jboss-as-7.1.1.Final/domain/configuration/mgmt-users.properties'

	root@kali:~/ts/jboss-as-7.1.1.Final/bin# cat /root/ts/jboss-as-7.1.1.Final/standalone/configuration/mgmt-users.properties
	#
	# Properties declaration of users for the realm 'ManagementRealm' which is the default realm
	# for new AS 7.1 installations. Further authentication mechanism can be configured
	# as part of the <management /> in standalone.xml.
	#
	# Users can be added to this properties file at any time, updates after the server has started
	# will be automatically detected.
	#
	# By default the properties realm expects the entries to be in the format: -
	# username=HEX( MD5( username ':' realm ':' password))
	#
	# A utility script is provided which can be executed from the bin folder to add the users: -
	# - Linux
	# bin/add-user.sh
	#
	# - Windows
	# bin\add-user.bat

	# The following illustrates how an admin user could be defined, this
	# is for illustration only and does not correspond to a usable password.
	#
	user=1c3470194afdc84b90a0781c5e4462fc

	root@kali:/opt/bleeding-jumbo/JohnTheRipper/run# pythonPython 2.7.13 (default, Jan 19 2017, 14:48:08)[GCC 6.3.0 20170118] on linux2Type "help", "copyright", "credits" or "license" for more information.
	>>> import hashlib; md5sum = hashlib.md5("user:ManagementRealm:test").hexdigest(); print md5sum
	1c3470194afdc84b90a0781c5e4462fc
	>>> quit()

	/////////////////////////////////////////////////////////////////////////////////////////////
	JtR test
	/////////////////////////////////////////////////////////////////////////////////////////////
	root@kali:/opt/bleeding-jumbo/JohnTheRipper/run# cat bibi
	davy:0d1677df470e9b391d31a156d2754713

	root@kali:/opt/bleeding-jumbo/JohnTheRipper/run# ./john --format=dynamic_1591 bibi
	Using default input encoding: UTF-8
	Loaded 1 password hash (dynamic_1591 [md5($u:ManagementRealm:$p) 32/64 x2 (MD5_body)])
	Warning: no OpenMP support for this hash type, consider --fork=8
	Press 'q' or Ctrl-C to abort, almost any other key for status
	password (davy)
	1g 0:00:00:00 DONE 2/3 (2016-04-15 08:57) 5.882g/s 14758p/s 14758c/s 14758C/s 123456..phillips
	Use the "--show" option to display all of the cracked passwords reliably
	Session completed

	/////////////////////////////////////////////////////////////////////////////////////////////
	one-liner (thx to Solar Designer)
	/////////////////////////////////////////////////////////////////////////////////////////////
	--format='dynamic=md5($u.$c1.$p),c1=:ManagementRealm:'

	ref: https://www.openwall.com/lists/john-users/2016/04/17/1