Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <55A3CC88.9070505@mailbox.org>
Date: Mon, 13 Jul 2015 16:34:48 +0200
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-dev@...ts.openwall.com
Subject: Re: *2john conversion support

On 07/13/2015 04:20 PM, Dhiru Kholia wrote:
> What is the expected output of this new unified single script (or
> program)? Can it just print a bunch of hashes for a given input file?

First, let's get an overview what those tools currently expect.
Some read from stdin and write to stdout, some want file names.
Some tools do support various options.


This is a q&d test to collect the usage output.
I had to press <Ctrl>-D for those three tools that expect to read from
stdin (aix2john.pl, cisco2john.pl, ldif2john.pl):

$ for f in *2john* unafs unshadow ; do echo $f; ./$f; done
1password2john.py
Usage: ./1password2john.py <1Password Agile Keychain(s)>
7z2john.py
Usage: ./7z2john.py < encrypted 7-Zip files >
aix2john.pl
aix2john.py
Usage: ./aix2john.py [-s] <AIX passwd file(s) (/etc/security/passwd)>
androidfde2john.py
Usage: ./androidfde2john.py <data partition / image> <footer partition /
image>
apex2john.py
Usage: ./apex2john.py <apex-hashes.txt file(s)>
bitcoin2john.py
Usage: ./bitcoin2john.py [bitcon wallet files]
blockchain2john.py
usage: blockchain2john.py [blockchain wallet files]

optional arguments:
  -h, --help  show this help message and exit
  --json      is input in base64 format?
cisco2john.pl
Usage:	./cisco2john.pl [cisco config file(s)] >>hashfile 2>>seed.txt
	./john -format:md5 -wordlist:seed.txt -rules hashfile

cracf2john.py
Usage: ./cracf2john.py <CRACF.TXT>
dmg2john
Usage: dmg2john [DMG files]
dmg2john.py
Usage: ./dmg2john.py [DMG files]
ecryptfs2john.py
Usage: ./ecryptfs2john.py <wrapped-passphrase> [.ecryptfsrc]

Example: ./ecryptfs2john.py ~/.ecryptfs/wrapped-passphrase
Example: ./ecryptfs2john.py ~/.ecryptfs/wrapped-passphrase ~/.ecryptfsrc
efs2john.py
For additional functionality, please install python-m2crypto package.
Usage:

efs2john.py
--masterkey=samples/openwall.efs/92573301-74fa-4e55-bd38-86fc558fa25e \
    --sid="S-1-5-21-1482476501-1659004503-725345543-1003"

efs2john.py
--masterkey=samples/openwall.efs.2/21d67870-8257-49e0-b2de-c58324271c42 \
    --sid="S-1-5-21-1482476501-1659004503-725345543-1005"

efs2john.py
--masterkey=samples/Win-2012-non-DC/1b52eb4f-440f-479e-b84a-654fdccad797 \
    --sid="S-1-5-21-689418962-3671548705-686489014-1001"
--password="openwall@123"

encfs2john.py
Usage: ./encfs2john.py <EncFS folder>
gpg2john
Usage: ./gpg2john [-d] [-S] <GPG Secret Key File(s)>
   if -d is used, then debugging of the object types decoded is written
   if -S is used, then subkeys will also be output
hccap2john
Usage: ./hccap2john <hccap file[s]>
htdigest2john.py
Usage: ./htdigest2john.py <htdigest file(s)>
ikescan2john.py
Usage: ./ikescan2john.py <psk-parameters-file> [norteluser]
kdcdump2john.py
Usage: ./kdcdump2john.py [dump]
keepass2john
Usage: ./keepass2john [-i <inline threshold>] [-k <keyfile>] <.kdbx
database(s)>
Default threshold is 1024 bytes (files smaller than that will be inlined)
keychain2john
Usage: keychain2john [keychain files]
keychain2john.py
Usage: keychain2john [keychain files]
keyring2john
Usage: keyring2john [GNOME Keyring file(s)]
keyring2john.py
usage: keyring2john.py [-h] KEYRING_FILE
keyring2john.py: error: too few arguments
keystore2john.py
Usage: ./keystore2john.py <.keystore / .jks file(s)>
known_hosts2john.py
Usage: known_hosts2john [known_hosts files]
krbpa2john.py
This program needs lxml libraries to run!
kwallet2john
Usage: ./kwallet2john <.kwl file(s)>
kwallet2john.py
Usage: ./kwallet2john.py <.kwl file(s)>
lastpass2john.py
Usage: ./lastpass2john.py <email address> <LastPass *._lpall.slps file>
ldif2john.pl
lion2john-alt.pl
Can't locate Data/Plist.pm in @INC (you may need to install the
Data::Plist module) (@INC contains: /usr/local/lib64/perl5
/usr/local/share/perl5 /usr/lib64/perl5/vendor_perl
/usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at
./lion2john-alt.pl line 14.
BEGIN failed--compilation aborted at ./lion2john-alt.pl line 14.
lion2john.pl
Usage: ./lion2john.pl PLIST-FILES > PASSWORD-FILE
lotus2john.py
Usage: ./lotus2john.py [Lotus Notes ID file(s)]
luks2john
Usage: ./luks2john [-i <inline threshold>] [LUKS file(s) / disk(s)]
Default threshold is 1024 bytes (files smaller than that will be inlined)
mcafee_epo2john.py
usage: ./mcafee_epo2john.py [dbo.OrionUsers CSV extracts]
ml2john.py
Usage: ./ml2john.py <Mountain Lion .plist files>
mozilla2john.py
Usage: mozilla2john [key3.db file(s)]
odf2john.py
Usage: ./odf2john.py <ODF files>
office2john.py
Usage: ./office2john.py <encrypted Office file(s)>
openbsd_softraid2john.py
Usage: openbsd_softraid2john [disk image]
openssl2john.py
Usage: ./openssl2john.py [-c cipher] [-m md] [-p plaintext] <OpenSSL
encrypted files>
cipher: 0 => aes-256-cbc, 1 => aes-128-cbc
md: 0 => md5, 1 => sha1
pcap2john.py
Traceback (most recent call last):
  File "./pcap2john.py", line 11, in <module>
    import dpkt
ImportError: No module named dpkt
pdf2john.py
Usage: pdf2john.py <PDF file(s)>
pfx2john
Usage: pfx2john [.pfx / .p12 file(s)]
putty2john
Usage: putty2john [.ppk PuTTY-Private-Key-File(s)]
pwsafe2john
Usage: pwsafe2john [.psafe3 files]
racf2john
Usage: racf2john [RACF binary files]
radius2john.pl
Can't locate Net/Pcap.pm in @INC (you may need to install the Net::Pcap
module) (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl
/usr/lib64/perl5 /usr/share/perl5 .) at ./radius2john.pl line 34.
BEGIN failed--compilation aborted at ./radius2john.pl line 34.
rar2john
Usage: ./rar2john [-i <inline threshold>] <rar file(s)>
Default threshold is 1024 bytes (data smaller than that will be inlined)
sap2john.pl
Usage: ./sap2john.pl <input-file> [A|B|D|E|F|H]
sipdump2john.py
Usage: ./sipdump2john.py <sipdump dump files>
ssh2john
Usage: ssh2john [key file(s)]
sshng2john.py
Usage: ./sshng2john.py < RSA/DSA private key files >
strip2john.py
Usage: ./strip2john.py <STRIP files>
sxc2john.py
Usage: ./sxc2john.py <SXC files>
truecrypt2john.py
Error: No truecrypt volume file specified.

Utility to import TrueCrypt volume to a format crackeable by John The Ripper

Usage: ./truecrypt2john.py volume_filename [keyfiles(s)]> output_file
uaf2john
Usage: uaf_to_passwd uaf_file
vncpcap2john
Usage: ./vncpcap2john <pcapfiles>
wpapcap2john
Converts PCAP or IVS2 files to JtR format
Usage: ./wpapcap2john [-c] <file[s]>

-c	Show only complete auths (incomplete ones might be wrong passwords
	but we can crack what passwords were tried)

zip2john
Usage: ./zip2john [options] [zip files]
 -i <inline threshold> Set threshold for inlining data. Default is 1024
bytes
Options for 'old' PKZIP encrypted files only:
 -a <filename>   This is a 'known' ASCII file
    Using 'ascii' mode is a serious speedup, IF all files are larger, and
    you KNOW that at least one of them starts out as 'pure' ASCII data
 -o <filename>   Only use this file from the .zip file
 -c This will create a 'checksum only' hash.  If there are many encrypted
    files in the .zip file, then this may be an option, and there will be
    enough data that false possitives will not be seen.  If the .zip is 2
    byte checksums, and there are 3 or more of them, then we have 48 bits
    knowledge, which 'may' be enough to crack the password, without having
    to force the user to have the .zip file present
 -n Do not look for any magic file types in this zip.  If you know that
    are files with one of the 'magic' extensions, but they are not the right
    type files (some *.doc files that ARE NOT MS Office Word documents),
then
    this switch will keep them from being detected this way.  NOTE, that
    the 'magic' logic will only be used in john, under certain situations.
    Most of these situations are when there are only 'stored' files in
the zip
 -2 Force 2 byte checksum computation
unafs
Usage: unafs DATABASE-FILE CELL-NAME
unshadow
Usage: unshadow PASSWORD-FILE SHADOW-FILE


Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.