Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <000801cd427d$eae95d80$c0bc1880$@net>
Date: Mon, 4 Jun 2012 13:14:41 -0500
From: "jfoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>,
	"'NeonFlash'" <psykosonik_frequenz@...oo.com>
Subject: RE: Right Format to Load IPB hashes in JtR

Here is a patch against magnum-jumbo, which adds this new file (renamed to
raw2dyna), into the normal john source tree.  The source is in john's source
directory, and Makefile entries have been added, AND the dynamic documentation
lists the $HEX$ salt type, and this new 'tool'.

Jim.

>-----Original Message-----
>From: jfoug@....net [mailto:jfoug@....net]
>Sent: Monday, June 04, 2012 7:58 AM
>To: NeonFlash; john-users@...ts.openwall.com
>Subject: Re: [john-users] Right Format to Load IPB hashes in JtR
>
>The latest john, obtainable from 'magnum-git'  (documented on how to get
>it here  http://openwall.info/wiki/john/patches) can handle this.
>Simply put, I had to add split to dynamic, to properly deal with raw
>hashes, which get upconverted to dynamic_X, when re-reading them from a
>.pot file, against a raw input file.  I do not think original jumbo-5
>can do this.  However, I know the current version in the git repository
>CAN do this.
>
>Also, with a salt like this, which will likely contain most any
>character (including the ':' which is a field separator character for
>JtR), it would be best if you converted the salts into the $HEX$ format.
>
>I tossed together some C code  code will do this.   To build, simply
>gcc -o to_dyna to_dyna.c   and it should get built properly.  Here are
>the options:
>
>usage to_dyna [options] < input > output
>        Options:
>                -d=#   dyna number (-d=12 and $dynamic_12$hash$salt is
>used)
>                -a     ALL hashes get $HEX$ and not simply hashes which
>have problems
>                -ls=#  The salt is the leading data, and it is # bytes
>long
>                -ss=b  The salt separator char is b  a blank -ss= means
>no separator char
>        defaults are -d=12 -ss=:
>
>I just tossed this together this morning, so I hope it is semi-bug free.
>I have tossed a few tests at it, and it appears to work.
>
>Jim.
>
>---- NeonFlash <psykosonik_frequenz@...oo.com> wrote:
>> I already have some hashes cracked in POT File:
>
>$dynamic_12$c38c6304cd49dc2002cc55dc295704c3$R"p+(:Matthew1
>$dynamic_12$2ebd7b40a1524a95e76f20fc63dc8e2b$f[q<a:dallas12
>$dynamic_12$442f17ca82e93f2856b7e9806909a1a7$k"Bf]:hallo123
>$dynamic_12$a7a48eaca37895868c27930fbcaf7623$6+@x(:deathwish
>$dynamic_12$d32e72ee3ea712862c9144e81dbf6bc0${K}}Q:onions
>$dynamic_12$62407a6e30d83e141ab2e2a0f75aeaf3$RA]w&:onions
>
>in this format.
>
>Also, I have modified my IPB.txt file to contain the hashes in the
>following format:
>
>hash$salt
>
>
>Now, when I want to display the cracked hashes like this:
>
>john -show --format=dynamic_12 IPB.txt
>
>it does not display.
>
>Probably, because while parsing the POT File these cracked hashes appear
>with the $dynamic_12$ prefix.
>
>The problem is, if I try to display the cracked hashes otherwise when my
>IPB.txt file contains the hashes in the format with a $dynamic_12$
>prefix, the result is as shown below:
>
>?:Matthew1
>?:dallas12
>?:hallo123
>?:deathwish
>?:onions
>?:onions
>
>Is there a way to display the cracked hashes in the format:
>
>hash:password?
>
>Thanks.
>
>
>
>________________________________
> From: Frank Dittrich <frank_dittrich@...mail.com>
>To: john-users@...ts.openwall.com
>Sent: Monday, June 4, 2012 10:47 AM
>Subject: Re: [john-users] Right Format to Load IPB hashes in JtR
>
>On 06/04/2012 06:58 AM, NeonFlash wrote:
>> Ok, I just tried with the following format:
>>
>> $dynamic_12$b1e8eaa9725156b6c617a065dd05772b$3{8|d
>> $dynamic_12$eb6c6407b4dcc0ea703231c77758e013$g~A.}
>> $dynamic_12$e72f3f18e6f9cc212a4ff9f5a09b7eb1$J-uvO
>>
>> Using "$" as the separator char between the hash and the salt works.
>
>$ ./john IPB.txt --format=dynamic_12
>
>would even work with this format:
>
>b1e8eaa9725156b6c617a065dd05772b$3{8|d
>eb6c6407b4dcc0ea703231c77758e013$g~A.}
>e72f3f18e6f9cc212a4ff9f5a09b7eb1$J-uvO
>
>or
>
>user:b1e8eaa9725156b6c617a065dd05772b$3{8|d
>user2:eb6c6407b4dcc0ea703231c77758e013$g~A.}
>another_user:e72f3f18e6f9cc212a4ff9f5a09b7eb1$J-uvO
>
>In this file
>
>1e8eaa9725156b6c617a065dd05772b:3{8|d
>eb6c6407b4dcc0ea703231c77758e013:g~A.}
>e72f3f18e6f9cc212a4ff9f5a09b7eb1:J-uvO
>
>the colon would be treated as separator between user name ans hash.
>That's why john didn't load the hashes.
>
>
>Frank

Download attachment "JtR-Raw2Dyna.diff" of type "application/octet-stream" (6860 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.