|
Message-Id: <D36903D2-6DDB-4427-ADBB-BE46275FADF1@sl-chat.de> Date: Wed, 1 Dec 2010 15:39:43 +0100 From: SL <auditor@...chat.de> To: john-users@...ts.openwall.com Subject: Re: Feature Requests for JtR On 2010-02-22 at 20:15, Solar Designer wrote: > On Wed, Feb 03, 2010 at 12:29:16PM -0600, Minga Minga wrote: >> Do you all USE .log files for something? Is there something I >> SHOULD be doing with my .log files? >> Because I just deleted a 400 MEG .log file without looking at it ;) > The .log files are sometimes useful, and sometimes not. I > understand your desire to be able to disable them. I've hacked up following simple shell script (assuming bash and UTF-8, which should be default on most recent Linux and Mac OS X versions; for Windows I'd use Ubuntu in VirtualBox), that parses out successfully applied rules from (all) your log files, and generates an ordered "List.Rules:Successful" section for your john.conf, with most successful rules on top: #!/bin/bash echo -e "\n[List.Rules:Successful]" grep -h -B1 " Cracked " *.log | iconv -f ISO-8859-1 -t UTF-8 \ | sed "s/.* Cracked .*/cracked/" | uniq -c | grep -v "[[:space:]]-- [[:space:]]*$" \ | sed "N;s/[[:space:]]*1 \(.*\)\r\?\n\(.*\)/\2 \1/" | grep " Rule #" \ | sed "s/cracked [^']*/hashes cracked - rule /" \ | while IFS=" " read count line; do for ((i=1; i<=$count; i++)); do echo "$line"; done; done | sort | uniq -c | sort -rn \ | sed "s/^[[:space:]]*\([0-9]\+\)[[:space:]]\+.*rule '/# \1 cracked: \n/;s/' accepted.*//;s/^\[/:\0/" With some additional sed magic, one could (at least partially) retransform this to "successful preprocessor instructions", but that would be too much to include here. I could imagine that Solar Designer might be interested to receive a copy of this script's output from every list member? Also, I'd like to add one more feature request to this topic: It would be splendid to have "rules.d" support, i.e. instead of appending "List.Rules" sections to john.conf, write them into separate files like ../run/rules.d/wordlist.rules, ../run/rules.d/ single.rules, ../run/rules.d/successful.rules. This would allow above script's output to be simply redirected to ../run/rules.d/ successful.rules every once in a while, instead of manually editing john.conf. Similarly, "List:External" modes could be stored in ../run/external.d/ lanman.mode, ../run/external.d/knownforce.mode, etc.; this might reduce john.conf's complexity quite notably. Kinda like Apache does it with conf.d. SL
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.