Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <5713DDB4.5010209@openwall.net>
Date: Sun, 17 Apr 2016 14:02:12 -0500
From: jfoug <jfoug@...nwall.net>
To: john-dev@...ts.openwall.com
Subject: New Feature: Calling external from rules

This is a 'talk it out' thread.  I have opened a github issue also 
(https://github.com/magnumripper/JohnTheRipper/issues/2121).  Solar 
mentioned this idea in another github thread, but in relation to the 'e' 
rule being taken while he was thinking of using it to trigger a call to 
an external script.

Here is the text from the new request issue on github:

This idea came from #2095 
<https://github.com/magnumripper/JohnTheRipper/issues/2095> 
https://github.com/magnumripper/JohnTheRipper/issues/2095

    Solar: It makes me thinking what command character we'd (eventually)
    use for executing an external mode function from a ruleset, though -
    'e' could have stood for "external" - but perhaps this should in
    fact be a separate topic

As for external being called as a rule, I really only see calling a 
filter function to modify the word, or reject it.

As for the rule to use, these are already spoken for. Note: where there 
are letters available of either case, there is a gap

|A cCdDeE f i kKlL M oOpPqQ rRsStTuUvV xXyYzZ { } [ ] () <> _ ' : / $ ^ 
# % @ ! = \ * + - . , 12 4 6|

So we can see we are getting pretty 'tight' on letters. However, for 
calling an external function, could we view this as a 'spawn', and wrap 
it in sh syntax? |`function`| ?

The ` is not used, and seems a safe bet as having to real meaning (other 
than spawn meaning from the shell languages). That way, we could even 
comment it could be a extern function or even a system spawn (Yes, I 
know Solar will not agree to this security hole, but we can wish, lol).

So a rule such as:

|\]\]$[a-f0-9]$[ -~]c`corp_complexity`|
would chop last 2 letters, append a hex, then some other ASCII char, 
then case the word, and then finally call the corp_complexity external 
script which would accept or cause the final word to be dropped as not 
meeting some corp standard, or perform some other task

-- Community volunteer for John the Ripper project.


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.