Wednesday, July 4, 2018

Cracking raw MD5 hashes with John the Ripper

I just spent at least 15 minutes trying to figure out why every single post on the Internet tells me to place the MD5 hash in a file and call John like this:
john --format=raw-md5 --wordlist=/usr/share/dict/words md5.txt
and yet, it constantly gives me an error message:
No password hashes loaded (see FAQ)
The content of md5.txt was:
20E11C279CE49BCC51EDC8041B8FAAAA
I even tried prepending dummy user before this hash, like this:
dummyuser: 20E11C279CE49BCC51EDC8041B8FAAAA
but without any luck.

And of course I have the extended version of John the Ripper that supports the raw-md5 format.

It turned out that John doesn't support capital letters in the hash value! They have to be written in small letters like this:
20e11c279ce49bcc51edc8041b8fbbb6
After that change, everything worked like a charm. What a stupid error!?
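
An added example, not part of the original post: a shell function that rewrites a hash file into the lowercase form the post found John accepts, stripping carriage returns and stray blanks and rejecting anything that is not 32 hex digits. The name normalize_md5 and the sample file are constructed for illustration; the second sample hash is the MD5 of the word "password".

```sh
#!/bin/sh
# Added example, not from the original post. normalize_md5 is a hypothetical name.
# Usage: normalize_md5 FILE > md5.lower.txt   (exit status 1 if any line was rejected)
normalize_md5() {
    awk '
    {
        line = $0
        gsub(/\r/, "", line)              # CR left behind by Windows editors
        user = ""
        n = index(line, ":")              # optional "user:" prefix
        if (n > 0) { user = substr(line, 1, n - 1); line = substr(line, n + 1) }
        gsub(/[ \t]/, "", line)           # stray blanks around the hash
        if (line == "") next              # ignore empty lines
        hash = tolower(line)              # the fix described in the post
        if (length(hash) == 32 && hash ~ /^[0-9a-f]+$/) {
            print (user == "" ? hash : user ":" hash)
        } else {
            printf("line %d rejected: not 32 hex digits\n", NR) | "cat 1>&2"
            bad++
        }
    }
    END { exit (bad > 0) }
    ' "$1"
}

# Constructed sample input: the hash from the post, a user:hash line with a
# space after the colon, and one line that is not a hash at all.
sample=$(mktemp)
printf '%s\n' \
    '20E11C279CE49BCC51EDC8041B8FAAAA' \
    'dummyuser: 5F4DCC3B5AA765D61D8327DEB882CF99' \
    'not-a-hash' > "$sample"
normalize_md5 "$sample" || echo "some lines were rejected, see stderr" >&2
rm -f "$sample"
```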

Sunday, June 3, 2018

Emulating Amstrad PC1512

My first computer was an Amstrad Schneider PC1512SD, so it's understandable that I'm attached to that computer. I own two of them, but since lately I don't have enough time to play with them, I started to search for emulators so that I can try, from time to time, the old software and games I used. Since I lost some time figuring out how to emulate the Amstrad, I decided to document everything in this blog post. This should be useful to me when I decide I want to play with it again in the future, but it can also help anyone else following in my footsteps.

First I needed to find a PC XT emulator. Modern day emulators/virtualization solutions like Qemu, VirtualBox, VMWare, and even Bochs do not support anything older than Pentium. So, some other emulator has to be used. After spending some time searching for XT emulators I found the following candidates:
  1. MAME
  2. PCem
  3. PCjs
Turns out MAME and PCem support Amstrad PC1512 while PCjs doesn't. So I decided to go with PCem and MAME. After some trying I didn't manage to get anything from PCem. Namely, after starting emulation the screen was completely garbled so I decided to try MAME. I spent some time trying to figure out how to emulate Amstrad using MAME. Here is the essence of it on Fedora 27:
  1. First, you need to install the mame package. This package is present in the Fedora repository, so apart from 'dnf install mame' no additional configuration is necessary.
  2. Next, you need to obtain ROM images from Amstrad. After some (actually a lot of) Googling I managed to find them. If I remember correctly, I obtained them via MAME ROMS package.
You should have any one of the following three ROM sets:
  1. Version 1 ROMs: 40044.ic132 (8kB, SHA1: 7781d4717917262805d514b331ba113b1e05a247) and 40043.ic129 (8kB, SHA1: 74002f5cc542df442eec9e2e7a18db3598d8c482)
  2. Version 2 ROMs: 40044v2.ic132 (8kB, SHA1: b12fd73cfc35a240ed6da4dcc4b6c9910be611e0) and 40043v2.ic129 (8kB, SHA1: c376fd1ad23025081ae16c7949e88eea7f56e1bb)
  3. Version 3 ROMs: 40044-2.ic132 (8kB, SHA1: b77fa44767a71a0b321a88bb0a394f1125b7c220) and 40043-2.ic129 (8kB, SHA1: 18a17b710f9eb079d9d7216d07807030f904ceda).
The names are as expected by MAME. In addition there'll be some other ROMs too:
  1. 40045.ic127 (8kB, SHA1: 7d858bbb2e8d6143aa67ab712edf5f753c2788a7)
  2. 40078.ic127 (8kB, SHA1: bc8dc4dcedeea5bc1c04986b1f105ad93cb2ebcd)
  3. wdbios.rom (8kB, SHA1: 601d7ceab282394ebab50763c267e915a6a2166a)
The first two are, I believe, fonts, while the third one is necessary only if you want to emulate the HD version of the PC1512.

In the current (working) directory, create a folder named pc1512 and place the selected ROMs into it.
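
An added example, not from the original post: before pointing MAME at the folder, check each ROM against the SHA-1 values listed above so that a truncated or altered download is caught early. The function name verify_roms is hypothetical, the manifest covers only the version 1 set, and 8kB is assumed to mean 8192 bytes.

```sh
#!/bin/sh
# Added example, not from the original post. verify_roms is a hypothetical name.
# SHA-1 values for the version 1 ROM set, copied from the list in the post.
PC1512_V1_MANIFEST='7781d4717917262805d514b331ba113b1e05a247  40044.ic132
74002f5cc542df442eec9e2e7a18db3598d8c482  40043.ic129'

# verify_roms DIR MANIFEST
# Returns 0 only if every file named in MANIFEST exists in DIR, is 8192 bytes
# long (assumption: "8kB" in the post means 8192 bytes) and matches its SHA-1.
verify_roms() {
    dir=$1
    status=0
    while read -r want name; do
        [ -n "$name" ] || continue          # skip blank manifest lines
        f="$dir/$name"
        if [ ! -f "$f" ]; then
            echo "MISSING  $name"; status=1; continue
        fi
        size=$(wc -c < "$f" | tr -d ' ')
        got=$(sha1sum "$f" | cut -d' ' -f1)
        if [ "$size" -ne 8192 ]; then
            echo "BADSIZE  $name ($size bytes)"; status=1
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $name (got $got)"; status=1
        else
            echo "OK       $name"
        fi
    done <<EOF
$2
EOF
    return $status
}

# Check the pc1512 folder in the working directory, as laid out in the post.
verify_roms pc1512 "$PC1512_V1_MANIFEST" ||
    echo "ROM set does not match the hashes listed in the post" >&2
```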

We can now start the emulator. Use the following command line:
$ mame pc1512 -rompath . -window -uimodekey DEL_PAD
The first argument to the MAME emulator is the machine that should be emulated, in our case it's PC1512. The option rompath instructs MAME to search for ROMs in the current directory. In our case it'll search for a folder named pc1512 and within it for ROMs named as given above. The option window prevents MAME from going fullscreen (and I had some problems exiting). Finally, the option uimodekey defines the escape key to access the internal menu.

This will give the famous "Please wait..." message from the BIOS and then the "Insert SYSTEM disk into drive A" message. Now we are at the point of providing boot disks to the emulated machine. For that it is necessary to obtain images of Amstrad PC1512 disks. You can find them here. The problem is that disks 1 and 4 are given in CFI format (Compressed Floppy Image, created by the tool FDCOPY.COM), while disks 2 and 3 are archives.

So, after unpacking disk 1 (46001.Zip) and disk 4 (46004.Zip) you are presented with files 46001.CFI and 46004.CFI which are not recognized by MAME. To convert them into appropriate format use the following command:
dsktrans -itype cfi 46001.cfi 46001.dsk
dsktrans is a tool that is part of the libdsk-tools package, also part of the Fedora repository. So, just run 'dnf install libdsk-tools' and that should be it. After converting the 1st disk you can also convert the 4th disk.

Now, we are ready to start MAME with the system disk provided. One way to do that is to open the internal MAME menu after starting PC1512 and then attach the disk image. The other way is to use the command line:
mame pc1512 -rompath . -window -uimodekey DEL_PAD -flop 46001.dsk
The new option is flop, which defines the image to be used as a floppy in the floppy drive. By the way, to find out the supported floppies you can use the following command:
mame pc1512 -listmedia
and take note of the (brief) column.

What happens now is that you are provided with the MS DOS command prompt in the emulated machine.

The next step is to start GEM, but before that I have to find out how to create a floppy disk image. Note that the tool imgtool that is part of MAME gives a segmentation fault on almost any command you try. Anyway, stay tuned for GEM...

Some useful resources I found while working on this:
