README.md
This is version 5 of a patch for John the Ripper http://www.openwall.com/john/
to allow cracking OpenVMS (Vax and Alpha) passwords.
It was written by Jean-loup Gailly, based on code from Shawn Clifford,
Davide Casale and Mario Ambrogetti. The patch was made for John 1.6.32
but may work for later versions. This tool is designed for system
administrators to detect users who too often select very bad passwords,
too easily guessable.

To apply the patch, get john-1.6.tar.gz and john-1.6.32.tar.gz from
http://www.openwall.com/john/ then do:
tar xfz john-1.6.tar.gz
tar xfz john-1.6.32.tar.gz
mv john-1.6.32 john-1.6.32vms
tar xfz john-1.6.32-VMS-patch-5.tar.gz
cp john-1.6/doc/* john-1.6.32vms/doc/
cp john-1.6/run/*.chr john-1.6.32vms/run/
cd john-1.6.32vms
patch -p0 < john-VMS.diff

But if you want to run John on VMS, you don't have to compile it
yourself, you can get VMS executables directly (see link below).
To get unuaf, simply copy john.exe to unuaf.exe.

This patch has been tested on x86 (Linux), Alpha (VMS and FreeBSD),
Vax (VMS), Sparc (SunOS), PA-RISC (HP-UX and Linux). The VMS Alpha executable
was made with Dec C 6.0 because the version compiled with Compaq C 6.5
does not work for Blowfish and NTLM; the option /noopt was used for VMS_std.c.

On x86, asm code is used for speed but a portable C version is
included as well. The asm version checks about 200,000 passwords per
second on a 1 Ghz system.

To compile on VMS, get:
. make: http://www.openvms.compaq.com/freeware/freeware50/gnumake/
. gzip: http://www.openvms.compaq.com/freeware/freeware50/gzip-1-2-4x/
. tar: http://www.openvms.compaq.com/freeware/freeware50/vmstar/

and set:
$ echo :== write sys$output
before using make.

To crack VMS passwords, you can use the native Alpha or Vax executable of
John, but for better speed you can transfer the file sys$system:sysuaf.dat
in binary mode to an x86 system running John. Note that you must be a
system administrator to have read access to the sysuaf file. In all cases,
be very careful of not giving others read access to your copy of sysuaf.dat.
Use an encrypted protocol such as scp (not ftp) to transfer any file to a
remote system.

Run unuaf to convert sysuaf.dat to a format usable by John:
unuaf sysuaf.dat > sysuaf.john
On VMS use:
pipe run unuaf > sysuaf.john

If unuaf can't read correctly the original indexed file sysuaf.dat, run the
following commands on VMS to convert it to a sequential format:

$ create sysuaf.fdl
file
organization sequential
record
block_span yes
carriage_control none
format undefined
size 1412
$ ! type ^Z if not in a command file to finish the create operation
$ convert /fdl=sysuaf.fdl sysuaf.dat sysuaf.seq
$ pipe mcr []unuaf.exe sysuaf.seq > sysuaf.john

If unuaf.exe is not in the current directory, modify [] above.

In john.conf, replace List.Rules:Wordlist with List.Rules:Wordlist2 and
List.Rules:WordlistVMS with List.Rules:Wordlist

You can get wordlists from ftp://ftp.ox.ac.uk/pub/wordlists/
To create wordlists optimised for VMS, remember that VMS passwords
can only contain uppercase letters, digits and the characters '$' and '_'.
A good way to reduce a generic wordlist for VMS is:

tr a-z A-Z < wordlist | tr -cd 'A-Z0-9$_\n' | sort -u > wordlist.vms

For convenience, the VMS cracker forces all passwords to uppercase
anyway, so you can use a wordlist in lowercase, or the single crack mode
which generates lowercase guesses. For speed, the VMS cracker doesn't check
that the password contains only legal characters so to avoid wasting time
create wordlists with only legal characters (upper or lower case).

For the incremental mode, generate your own vms.chr if you have a large
john.pot file already:
john -makechars:vms.chr -external:filter_vms
or just use directly:
john -i:vms passwd-file

For general questions about John the Ripper, please refer to its
documentation, available in http://www.openwall.com/john/john-1.6.tar.gz

This file: http://jl.gailly.net/security/README.VMS

VMS patch: http://jl.gailly.net/security/john-1.6.32-VMS-patch-5.tar.gz
Signature: http://jl.gailly.net/security/john-1.6.32-VMS-patch-5.tar.gz.sig

All patched sources: http://jl.gailly.net/security/john-1.6.32-VMS-5.tar.gz
Signature: http://jl.gailly.net/security/john-1.6.32-VMS-5.tar.gz.sig

VMS executables: http://jl.gailly.net/security/john-1_6_32-vms-5.zip
Signature: http://jl.gailly.net/security/john-1_6_32-vms-5.zip.sig
unzip to extract: http://www.openvms.compaq.com/freeware/freeware50/info-zip/

Revision history:
25 nov 2002: patch 1, first VMS patch, x86 only
30 nov 2002: patch 2, port to Alpha and Vax
3 dec 2002: patch 3, port to big endian systems, with bugs in Purdy1 and unuaf
4 dec 2002: patch 4, bug fixes in Purdy1 (thanks to Solar Designer) and unuaf
11 dec 2002: patch 5, significant speed improvements: use "long long" if
possible, reduce the number of multiplications and avoid useless modulo P
operations. Support non blocking IO on VMS (thanks to Martin Vorlaender).
Cleanup VMS_std.c, avoid duplication of code, use mul32by32 from math.c.

Jean-loup Gailly
http://gailly.net
PGP or GPG key: http://jl.gailly.net/jloup.asc
fingerprint: E3EC F4DF 7EDB E724 A3EC FBC2 D9A2 7D25 0196 71A7