![]() |
|
Message-ID: <C1CB0052DA214DDC9CE4EAC1A0F5473F@D9VGLK61> Date: Mon, 4 Apr 2011 01:14:20 -0500 From: "JimF" <jfoug@....net> To: <john-users@...ts.openwall.com> Subject: perl script to generate test hashes I have built a perl script and have added many of the formats handled by john. This script will write out john readable password hashes. There are still a few formats not handled, and I have not undertaken the md5_gen() format (yet). However, I am posting it now, even though it is not quite done, so that others can find use for it. Adding new formats to this script is easy (if you understand the format). Simply add a new string to the @funcs array at the start of the file, then add a new sub at the bottom of the file. The sub at bottom MUST be same name as the @funcs array, but the sub's name MUST be lower case. The string in the @funcs must be same letters, but case does not matter. The subroutine in the bottom, will be passed the password (as $_[0] first and only argument) Reading many of the other functions should give an idea of what is required. To use the script is easy. All password input is from stdin (if you do not redirect a file, the script will propt for input). You can list as many 'done' formats as you want on the command line. The script will generate a list of password hashes for each type. So if you did: gen_pass.pl des xsha mscash < words.dict > hashes.txt Then in hashes.txt, there would be 3 'blocks' of hashes, a block for Unix DES, a block for Mac X-SHA and a block for mscash. Each of these will have random salts (if needed), and each word out of words.dict will be a password hash for that format. This script is in the wiki, on page http://openwall.info/wiki/john/Generating-test-hashes One word of warning. This script slurps up the entire stdin data into a perl array (so that it can rerun these passwords multiple times if multiple formats are requested). This can be a LOT of memory. Do not try to run the script, giving it your favorite 2gb wordlist. It will almost certainly have serious memory thrashing issues, and may simply crash. However, I was able to run a 16MB (about 1.6 million word) english dict against it, in a couple minutes on a machine that is seriously underpowered. I ran simple rawmd5 and it did complete. Remember when running lists, that this is in perl, and will be slower than john. So if you wanted to make 1 million PHPass/MD5a/Blowfish hashes, it is gonna take a while. Jim.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.