[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <5f4239741002031029l1cfa48aesc76b3dcd030df302@mail.gmail.com>
Date: Wed, 3 Feb 2010 12:29:16 -0600
From: Minga Minga <mingakore@...il.com>
To: john-users@...ts.openwall.com
Subject: Feature Requests for JtR
All,
Ive had a few ideas I'd like to toss around about some ideas of
new features I'd like to see in JtR. These are on my "TODO" list,
but the amount of time I have to hack source right now is quite
limited. I thought someone else might be interested, or have opinions
about them.
I have ways around all the items below, I just wanted people to know
some things Ive run up against while running over 100 john processes
at once.
1) --nolog (do not create .log file). I find myself filling up partitions
with .log files for some complex rules. Sometimes I don't need a .log
file - and have to program in 'rm session123.log' into my automation
scripts.
It would be nice to only create .rec (session) files - but no .log files.
Im aware - some people WANT .log files - so a command line option makes
sense (or maybe an entry in john.conf ? ). Do you all USE .log files for
something? Is there something I SHOULD be doing with my .log files?
Because I just deleted a 400 MEG .log file without looking at it ;)
2) Random Session/.rec file names. If a JtR instance is started and the
default .rec session filename is already created - it would be nice
in some cases if a "random" session (file)name was created automatically
for the user. (I tried to change the source to do this - and failed. But
it looks 'easy' to do - if you aren't out of practice):
Some ideas I've had on this:
a) session file name could be [passwd_filename]-[ruleset_specified]-date.rec
such as pwdump-wordlist-02022010.rec or
shadow-nt-02022010.rec or
ciscohashes-KoreRulesAppendJustNumbers-02022010.rec
b) Just "random" filenames. Maybe based on md5 of filename or something?
Maybe a command line option to automatically create a random session
filename instead of just using the default. This might not be ideal
for all users - but some of us would love it ;)
john --random-session pwdump.txt (for example).
3) Command line option to specify which john.conf to use.
Same idea as "--pot=NAME pot file to use"
But allow the user to specify which john.conf file to use on the command
line (is this already possible?? - Am I missing something?).
ESPECIALLY useful with --external:parallel
Currently, I have to use 'sed' to manipulate values in the
--external:parallel when I want to automate the process. I then overwrite
john.conf - launch the process - then RE-generate another john.conf and
this process repeats over and over again. It gets a bit annoying with
100 cores across multiple systems - because I have to 'scp' john.conf s
everytime I want to start a new process.
It would be nice if there was --conf=NAME option that would allow me
to specify which john.conf file to use. And I could distribute
the john.conf's ahead of time to all the systems. Imagine a system
with 16 cores? and they all have to use the same john.conf FILENAME.
What if I want to CNTL-C and the '--restore' at a later time?
Beginner users would have no use for this, I understand that. But it would
make automation on a large scale much easier for me/us/you. ;)
Yes, I already know other ways around this. Yes, I know there are
different ways to approach this. Yes, Im aware that I could do XXX or YYY
thats not what Im looking for. Im looking for '--conf=NAME'
----------------------------------
Question / Problem / Feature Request
----------------------------------
X) I really LOVE the new ETA functionality. Is there a way already
(or can there be a way) to ask 'john' what the ETA is for a set of
wordlist and rule and get an answer with out having to either CNTL-C
a process or hit a key while its running? (Im aware thats not how ETA
works... please keep reading).
(Thats poorly worded, here is the problem):
I have about 30 very complex rules I have written (and will be announcing
here soon) - I also have approx. 50 wordlist files I want to use.
I want to run all 30 sets of rules - on all 50 word lists. And I'd like
to be able to know how long each of them will take to run. It would be
NICE to know the ETA of a rule/wordlist combination ahead of time.
(I know there is *NO* way to get a precise time - I just need a VERY
rough estimate).
The goal of which - would be to run the fastest rules/wordlist combinations
first. Right now, I am just guessing at the priority - but if there was
a way 'john' could TELL me which combinations have the least amount of
possible passwords, that would be helpful.
Im aware thats not how ETA works - and that it changes over time. Is there
another way to do this besides ETA? Does -test already do this in conjunction
with user-specified wordlist/rules ?
If not ETA - then something like x=(Lines in wordlist*amount of rule
combinations) I dont need the output to be 100% accurate - just an
IDEA of what rule/wordlist combinations are fast - and which are slow.
I am currently doing this by hand - and its doable. But in the future I will
will have like 500 wordlists - and 100+ rules. Eventually, it will NOT
be doable by hand. Any ideas?
-Minga
KoreLogic
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
