|
Message-ID: <20060730191622.GA8985@openwall.com> Date: Sun, 30 Jul 2006 23:16:22 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: More problems with rules and Charset for french language On Sun, Jul 30, 2006 at 05:22:27PM -0000, madfran wrote: > I am trying to guest the second half of a LM hash. > The password contains french characters. > I know some characters. For example, > First character : S > Second character : T > Third character : R > Forth character : unknow > Fifth character : unknow > Sixth character : O > Seventh character : R The following external mode will do this for you: [List.External:STRxxOR] void init() { word[0] = 'S'; word[1] = 'T'; word[2] = 'R'; word[3] = 0x20; word[4] = 0x20 - 1; word[5] = 'O'; word[6] = 'R'; word[7] = 0; } void generate() { int i; i = 4; // Start from the last unknown character while (++word[i] > 0xff) // Try to increase it if (i > 3) // Overflow here, any more positions? word[i--] = 0x20; // Yes, move to the left, and repeat else { // No word = 0; return; // We're done } } Now, let me comment on your attempts at this: > [Incremental:french] > File = french.chr > MaxLen = 7 This is probably wrong, for several reasons: 1. You're not making use of the above definition when you invoke John like this: > C:\john\john-test-03>john --external=french hash-pims.txt Here, you're only telling John to use the external mode named "french", not the "incremental" mode of the same name. Here's how to tell John to use both definitions at the same time: john --incremental=french --external=french hash-pims.txt With the above command line, John will use the "incremental" mode to generate candidate passwords, and the filter() function from the external mode definition to filter some candidate passwords out or to modify them. The generate() function won't be used. 2. If you choose to use the "incremental" mode plus an external filter to modify the generated candidate passwords adding the known prefix and suffix strings, then you need to set "incremental" mode's MinLen and MaxLen to the length of your unknown part of the password only. That is, in your case you would set: MinLen = 2 MaxLen = 2 Yes, you could also run with "MaxLen = 7" and no external mode, but then you're not making use of your knowledge about the password. 3. You did not mention how you generated the french.chr, so I am not sure if it's correct. You do remember that the default compile-time configuration for John (in params.h) limits the "incremental" mode to printable US-ASCII characters only, right? 4. Last but not least: in order to guess just two characters, you don't need the full power of "incremental" mode. A simple external mode that I've provided an example of above will do. So you do not need to modify params.h, generate french.chr, define a new "incremental" mode, and specify it on the command line. You just invoke the external mode and you should get your password cracked in under a second. > [List.External:french] > int length; > > void init() > { > word[0] = 0x20 - 1; // Start with " " > word[length = 1] = 0; > } > > void filter() > { > word[6] = 'R'; > word[5] = 'O'; > word[4] = word[1]; > word[3] = word[0]; > word[2] = 'R'; > word[1] = 'T'; > word[0] = 'S'; > } > > void generate() [...] You appear to be trying to combine two different approaches here. This is wrong. Either you have your external mode actually generate the candidate passwords or you have it modify candidate passwords generated by another cracking mode, not both. -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments Was I helpful? Please give your feedback here: http://rate.affero.net/solar -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.