Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 1 Dec 2010 15:39:43 +0100
From: SL <auditor@...chat.de>
To: john-users@...ts.openwall.com
Subject: Re: Feature Requests for JtR

On 2010-02-22 at 20:15,  Solar Designer wrote:
> On Wed, Feb 03, 2010 at 12:29:16PM -0600, Minga Minga wrote:
>>  Do you all USE .log files for something? Is there something I  
>> SHOULD be doing with my .log files?
>> Because I just deleted a 400 MEG .log file without looking at it ;)
> The .log files are sometimes useful, and sometimes not.  I  
> understand your desire to be able to disable them.

I've hacked up following simple shell script (assuming bash and  
UTF-8, which should be default on most recent Linux and Mac OS X  
versions; for Windows I'd use Ubuntu in VirtualBox), that parses out  
successfully applied rules from (all) your log files, and generates  
an ordered "List.Rules:Successful" section for your john.conf, with  
most successful rules on top:

#!/bin/bash
echo -e "\n[List.Rules:Successful]"
grep -h -B1 " Cracked " *.log | iconv -f ISO-8859-1 -t UTF-8 \
| sed "s/.* Cracked .*/cracked/" | uniq -c | grep -v "[[:space:]]-- 
[[:space:]]*$" \
| sed "N;s/[[:space:]]*1 \(.*\)\r\?\n\(.*\)/\2 \1/" | grep " Rule #" \
| sed "s/cracked [^']*/hashes cracked - rule /" \
| while IFS=" " read count line; do
for ((i=1; i<=$count; i++)); do echo "$line"; done; done | sort |  
uniq -c | sort -rn \
| sed "s/^[[:space:]]*\([0-9]\+\)[[:space:]]\+.*rule '/# \1 cracked: 
\n/;s/' accepted.*//;s/^\[/:\0/"


With some additional sed magic, one could (at least partially)  
retransform this to "successful preprocessor instructions", but that  
would be too much to include here.

I could imagine that Solar Designer might be interested to receive a  
copy of this script's output from every list member?


Also, I'd like to add one more feature request to this topic:

It would be splendid to have "rules.d" support, i.e. instead of  
appending "List.Rules" sections to john.conf, write them into  
separate files like ../run/rules.d/wordlist.rules, ../run/rules.d/ 
single.rules, ../run/rules.d/successful.rules. This would allow above  
script's output to be simply redirected to ../run/rules.d/ 
successful.rules every once in a while, instead of manually editing  
john.conf.
Similarly, "List:External" modes could be stored in ../run/external.d/ 
lanman.mode, ../run/external.d/knownforce.mode, etc.; this might  
reduce john.conf's complexity quite notably.
Kinda like Apache does it with conf.d.

SL

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.