Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <012801cbf3db$dc71e430$9555ac90$@net>
Date: Tue, 5 Apr 2011 16:53:12 -0500
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: RE: perl script to generate test hashes

>From: JimF Sent: Monday, April 04, 2011 1:14 AM
>
>I have built a perl script and have added many of the formats handled by
>john.  This script will write out john readable password hashes.

... Clip

I have finished up a v1.01 on this script. Added are md5_gen functions.  
To generate the 'built-in' md5-gen's, add the command line of md5_gen=0 to 
md5_gen=20  and it will process md5_gen(0) to (20) [the current built in 
types].

I have also added a parser to generate non-builtin types.  The easiest 
way to see the syntax, is to simply run the script, using md5_gen as one
of the command line arguments.  Even though md5_gen is one of the types,
it requires extra parameters, and thus, will output a usage message.

To do this format:  md5($p.$s.md5($s.$p).md5($p))  add this command line

./gen_hash.pl md5_gen=salt=true,num=1040,format=
md5($p.$s.md5($s.$p).md5($p))

And the script will generate the lines. The salt will be 6 characters,
randomly chosen. The length of the salt can be varied (with saltlen=#),
but here, we do not specify, so it uses the default.

The hashes which can be done, are any of these:
md5(), md4(), sha1(), MD5() returns base16 in upper case, MD4() SHA1(),
md5_64 returns hash in base-64, md4_64() and sha1_64().   I will probably
add md5_raw(), md4_raw() and sha1_raw() at some time, so that formats such
as md5/md5a/phpass which use the 'raw' hash binary, can have test strings 
made (md5/md5a and phpass all are handled by the script already)

There can be up to 9 constant's added to the format.

The format can use the user name, in normal, or upper-cased, or lower cased.

The format can also use a 2nd salt (by using salt2len=#).

The parser is NOT elegant, nor is it likely very fast, but it does work, and
syntax checks the input, to make sure it is 'proper'.  It even shows you
where
the syntax error occurred in the string, if there is an error.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.