Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 8 Jun 2012 08:53:59 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Re: Re: --show=LEFT output

On 06/06/2012 12:02 PM, magnum wrote:
> On 06/05/2012 07:12 PM, Frank Dittrich wrote:
>> I'd just like to point out that changing the behavior of --show=LEFT in
>> the way suggested above would also make this option usable to split a
>> large file of uncracked hashes into hash format specific files, changing
>> ambiguous hashes by adding correct format tags to make those files
>> easily usable (removing the need to provide the correct --format=...
>> option for each cracking session.
>>
>> This was an issue that came up during the PHDays cracking contest, ans
>> IMHO this should be fixed prior to the CrackMeIfYouCan contest, may be
>> even prior to releasing the next jumbo version.
>>
>> What do you think about this?
> 
> I have looked into this long ago, but it's not all that trivial (the
> other info is simply not available at the time we print it). We would
> probably need to re-implement it from scratch.

I also had a look at the code and was afraid that the way --show=LEFT
handling was implemented was due to the fact that at user name and hash
were the only information available at that moment.

Another idea:

How hard would providing the format specific logic of valid(), prepare()
(and may be split() and get_source()) for outside use (e.g. by a shell
script preparing password hash files for easier use with john) be?

I imagine the script to process each line of a password hash file,
passing it to john, getting back the format specific hash with correct
tag, or an error code if the hash is not valid for the format specified.
(Just providing the hash might not be enough, since some formats need
the user name field or other fields to build the format specific hash
with correct tags.)
So, the script could use any of these commands

$ ./john --format=dummy --get-hash 'dummy_user:$dummy$313233'
$ ./john --format=dummy --get-hash='dummy_user:$dummy$313233'
$ echo 'dummy_user:$dummy$313233' | ./john --format=dummy --get-hash
$ echo -n 'dummy_user:$dummy$313233' | ./john --format=dummy --get-hash

or something similar, and john would write this to stdout:
$dummy$313233

(Of course, for --format=dummy, nobody would need this feature.)

Probably, this isn't such a good idea, and re-implementing --show=LEFT
handling from scratch would be the better long term solution.

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.