Message-ID: <20080331061832.GA5087@openwall.com>
Date: Mon, 31 Mar 2008 10:18:32 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: passwords with fixed position characters and numbers

On Fri, Mar 28, 2008 at 12:27:58AM +0100, Ronald Brakeboer wrote:
> I did some searching in old topics and came up with this:

Thank you for searching the archive - I wish everyone did that.

> Two options:
>
> Generate a file (with John) with all the combos of aaaa and ZZZZ. Dump it
> to external.
> Then add a rule in external (I guess) and add following:
> $[0-9]$[0-9]$[0-9]$[0-9]
> this will append 4 digits at the end of a word from your wordlist.
> Then run John.

This is almost right, except that the above rule is for wordlist mode - so you'd put it in "[List.Rules:Wordlist]", replacing the contents of that section. External modes don't use this rules syntax; they use a C-like programming language instead.

> Option 2.
>
> I found following script for format aaa0000 (which is 3 alpha-4digits)

As you could see, it was too specialized and it handled each character position separately.

> Only problem is....no Upper case...how to change that?

That would be easy to fix, but the resulting code would look even worse than the original did - you'd have to duplicate that code fix for each character position where you need both lowercase and uppercase letters.

> [List.External:aaa0000]
> void init()
> {
> word[0] = 'a';
> word[1] = 'a';
> word[2] = 'a'; // just copied one line and added +1 to all word[x] entries to get aaaa0000 instead of aaa0000
> word[3] = 'a';
> word[4] = '0';
> word[5] = '0';
> word[6] = '0';

This looks right so far.

> word[7] = '/'; // what's this doing? Is that ok? Shouldn't that be
> word[8] = 0; here?

In ASCII, '/' is the character right before '0'. This is the correct initialization for the last character in word[] because the code in generate() would start by incrementing it, thereby setting it to '0'. A much cleaner way to write it would be:

	word[7] = '0' - 1;

> word[8] = 0;

This is correct - we need to NUL-terminate word[].

> // I was thinking of something like this: aaaa0009 then add +1 to 7th
> pos..if aaaa0099 add +1 to 6th pos etc etc

Right. Also, don't forget to reset the 9's back to 0's.

> // I probably need some loop (return or whatever) somewhere to make it go
> back after adding +1 to the last character do I?

If I understood you correctly, that loop is in JtR itself. So, yes, you only need to "return" (or reach the end of function).

> {
> if(++word[8]>'9') // It counts from 0 till 9 and then starts with following aaaa0010?

This is slightly wrong - word[8] is your NUL-termination. The last actual character is word[7]. (Not to mention that this whole approach with nested if's is very dirty.)

> {
> word[7] = '+1'; // As in 10..20..30 etc etc, +1 is probably wrong value (any thoughts?)

This is not even valid syntax - you can't put more than one character in there. What you meant is probably:

	word[7] = '0';

to reset the character that "overflowed", then you'd fall through to the previous position and try incrementing the character there:

> {
> if(++word[7]>'9')

It should be word[6] here. And so on.

> if(++word[4]>'Z')

You can't mix lowercase and uppercase letters like that because they use separate ASCII code ranges. You'd have to use more if's here, which really would not be pretty.

> ............// count tried passwords
> count=$ //$ is result of count tried passwords
> ..........// Print message " finished tried $ passwords " and stop

You can't do that in an external mode explicitly. Instead, you merely set "word = 0;" and JtR itself does what you have described for you.

> // Ow...we need it to go --stdout...hmmm, how?

Just specify the --stdout command-line option along with your --external=MODE one.

> Please take a look at it and modify if needed or if it speeds up things.

That code is too dirty to be modified to do what you need. Just use the KnownForce mode from my previous response instead.

Good luck!

--
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Was I helpful? Please give your feedback here: http://rate.affero.net/solar
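
The increment-and-carry logic discussed in the message above, as an added example in plain C (not code from the original thread, not JtR external-mode code, and not the KnownForce mode). It replaces the nested if's with one charset table per position; the names gen_init, gen_next, gen_keyspace, charset and idx are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define LEN 8
#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
#define DIGITS  "0123456789"

/* One charset per position for the aaaa0000 layout (hypothetical names).
 * Lower and upper case share one table, so their separate ASCII ranges
 * need no extra comparisons. */
static const char *charset[LEN] = {
    LETTERS, LETTERS, LETTERS, LETTERS, DIGITS, DIGITS, DIGITS, DIGITS
};
static int idx[LEN];            /* index into each position's charset */
static char word[LEN + 1];

/* Counterpart of init(): start one step before the first candidate. */
void gen_init(void)
{
    memset(idx, 0, sizeof(idx));
    idx[LEN - 1] = -1;          /* same idea as word[7] = '0' - 1 */
    word[LEN] = 0;              /* NUL-terminate */
}

/* Counterpart of generate(): advance by one candidate. Returns 0 once
 * every combination has been produced, which is the point where an
 * external mode would set "word = 0". */
int gen_next(void)
{
    int pos = LEN - 1;
    while (pos >= 0 && charset[pos][++idx[pos]] == 0)
        idx[pos--] = 0;         /* overflow: reset here, carry to the left */
    if (pos < 0)
        return 0;
    for (pos = 0; pos < LEN; pos++)
        word[pos] = charset[pos][idx[pos]];
    return 1;
}

/* Total number of candidates: product of the per-position charset sizes. */
unsigned long long gen_keyspace(void)
{
    unsigned long long n = 1;
    for (int pos = 0; pos < LEN; pos++)
        n *= strlen(charset[pos]);
    return n;
}

int main(void)
{
    gen_init();
    for (int i = 0; i < 12 && gen_next(); i++)
        puts(word);
    printf("keyspace: %llu\n", gen_keyspace());
    return 0;
}
```
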