Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <BLU0-SMTP107BDB2DA967F6EA9D2FDCAFD100@phx.gbl>
Date: Tue, 8 May 2012 20:15:41 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Fwd: bash auto-completion for john

On 05/08/2012 08:58 AM, magnum wrote:
> Of course, we should also support dynamic completion of --format. I
> suppose this wont need any hidden option, we already get a parsable list
> from john with no options.

Done. (works for older john versions (force hash type NAME:
DES/BSDI/MD5/BF/AFS/LM/crypt...) and newer jumbo versions.

Together with the dynamic subformats (if available) we get more than 120
formats.
To avoid the "Display all n possibilities? (y or n)" promt, I decided to
provide this list in the first expansion step for
./john --format=
afs            dragonfly4-32  hmac-sha512    mscash2        nsldap
   racf           sapg
bf             dragonfly4-64  hmailserver    mschapv2       nt
   rar            sha1-gen
bfegg          drupal7        ipb2           mskrb5         nt2
   raw-md4        sip
bsdi           dummy          keychain       mssql          office
   raw-md5        ssh
crc32          dynamic        krb4           mssql05        oracle
   raw-md5u       sybasease
crypt          epi            krb5           mysql          oracle11
   raw-sha        trip
cryptsha256    episerver      lm             mysql-fast     osc
   raw-sha1       vnc
cryptsha512    hdaa           lotus5         mysql-sha1     pdf
   raw-sha224     xsha
des            hmac-md5       md4-gen        nethalflm      phpass-md5
   raw-sha256     xsha512
dmd5           hmac-sha1      md5            netlm          phps
   raw-sha384     zip
dominosec      hmac-sha224    md5ns          netlmv2        pix-md5
   raw-sha512
dragonfly3-32  hmac-sha256    mediawiki      netntlm        pkzip
   salted-sha1
dragonfly3-64  hmac-sha384    mscash         netntlmv2      po
   sapb


./john --format=d
des            dominosec      dragonfly3-64  dragonfly4-64  dummy
dmd5           dragonfly3-32  dragonfly4-32  drupal7        dynamic

./john --format=dy ... ./john --format=dynami get expanded to ./john
--format=dynamic (without a trailing space.

./john --format=dynamic gets expanded to ./john --format=dynamic_
(again, without a trailing space).

Tab expansion for ./john --format=dynamic_ (press [tab] key twice) lists
these options:
 dynamic_0     dynamic_1005  dynamic_13    dynamic_2     dynamic_26
dynamic_32    dynamic_8
dynamic_1     dynamic_1006  dynamic_14    dynamic_20    dynamic_27
dynamic_33    dynamic_9
dynamic_10    dynamic_1007  dynamic_15    dynamic_21    dynamic_28
dynamic_34
dynamic_1001  dynamic_1008  dynamic_16    dynamic_22    dynamic_29
dynamic_4
dynamic_1002  dynamic_1009  dynamic_17    dynamic_23    dynamic_3
dynamic_5
dynamic_1003  dynamic_11    dynamic_18    dynamic_24    dynamic_30
dynamic_6
dynamic_1004  dynamic_12    dynamic_19    dynamic_25    dynamic_31
dynamic_7

Better ideas?

for the non-jumbo version, it just lists these values:
john --format=
AFS    BF     BSDI   crypt  DES    LM     MD5

> 
> There's also --sub=list and --enc=list that could probably be used as-is.

-sub gets expanded to --subformat=LIST.
(I use --subformat=LIST to get the list of dynamic_* formats for the
--format= expansion, as mentioned above.

./john --encoding=
ansi         cp1252       cp437        cp850        cp866
iso-8859-15  koi8-r
cp1251       cp1253       cp737        cp858        iso-8859-1
iso-8859-7   utf-8

(Provided that the john version supports the --encoding=NAME option)



> I noticed I currently won't get any completion if I only write one dash,
> as in john -inc. Hopefully we can support both ways.

I'll expand -in or -inc to --incremental.
But currently expansion of -inc=Dig or --inc:Dig to -inc=Digits or
--incremental=Digits is not supported.

--incremental gets expanded to --incremental=
--incremental= uses the following hard coded list for expansion:
All     Alnum   Alpha   Digits  LanMan

(I'll not expand -incremental=)

As long as the john version supports an optional value for --rules and
--single (as indicated by the usage output), expansion for
./john --rules lists these (hard coded) values
--rules           --rules=NT        --rules=single    --rules=wordlist

Expansion for --single lists these hard coded values:
--single           --single=NT        --single=single    --single=wordlist

Expansion for --external= lists
AppendLuhn        DateTime          Filter_Alnum      Filter_LanMan
LanMan            Repeats
AtLeast1-Generic  Double            Filter_Alpha      Keyboard
Parallel          Strip
AtLeast1-Simple   DumbForce         Filter_Digits     KnownForce
Policy            Subsets


Expansion for ./john --save-memory= lists
1  2  3


For --wordlist=*|--config=*|--pot=*|--make-charset=*, I still list all
matching files and directories (in the current directory, unless the
value on the command line already includes path information).
I'm still thinking about removing the expansion for --make-charset=.
For --pot= and --config=, the list should probably filtered (just
directory names and *.pot or *.conf/*.ini files).

Still not working: correct handling of file names starting with ~.

Also currently not supported, but probably nice to have:
Expansion for ./john --restore and ./john --status

Less important:
--session=|--users=|--groups=|--shells=|--salts=
could be supported once I check the password hash files on the command
line. (It is questionable whether it is a good idea to process large
files in a shell script.)


Source code is still ugly.
But at least I managed to restrict usage of external commands to grep
and sed.

Frank

View attachment "john" of type "text/plain" (13010 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.