Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BLU0-SMTP37072CCAE62380B9687BE7FDF90@phx.gbl>
Date: Sun, 17 Jun 2012 09:09:04 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Re: Magic Escape Sequences in Rules

On 06/17/2012 07:52 AM, NeonFlash wrote:
> I have the following rules which I would like to modify and in order to do that, first I need to get a grasp of how they work:
> 
> -[c:] >4 <- \p[c:] i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
> 
> This will add the special characters everywhere in the string. Here is what I have understood:
> 
> -[c:] - reject the rule if the hash type is not case sensitive.

Not exactly.
This gets expanded to 2 rules:
 -c
 -:
The first one means: reject the rule if the hash type is not case sensitive.
The second is a dummy (the rule is not rejected)

>> 4 - reject the candidate password if its length is less than 4

 >4 rejects the candidate password if its length is less than or equal to 4.

> <- the length of the candidate password should be less than max_length-1 (max_length is maximum length supported for that hash type)

max_length is maximum length supported for that hash type or maximum
length supported for the current format implementation (this one can be
smaller than the actual maximum length supported for that hash type, for
performance reasons.


> \p[c:] - \p is the magic escape sequence. 
> 
> 
> According to documentation: \p before a range to have that range processed "in
> parallel" with preceding ranges.

Without the \p,

-[c:] >4 <- [c:] i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

would get expanded to

 -c >4 <- c i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
 -c >4 <- : i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
 -: >4 <- c i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
 -: >4 <- : i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

(plus expansion of the [0-5] and [!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
ranges)

We want just 2 of these 4 expansions:

 -c >4 <- c i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
 -: >4 <- : i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

This is exactly what the \p does here.
It just reduces the number of rules in a way that the first character of
the range following the \p is used when the expansion of the previous
range used the character in the first position, and so on.


The first version capitalizes the word, but does so only if the hash
type is case sensitive.
The second version could also be written as

 >4 <- i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

Because the range [c:] is exactly the same in both cases,

-[c:] >4 <- \p[c:] i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

could have been written as

-[c:] >4 <- \p\0 i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

\0 would refer to the previous range.

Since the previous range in this example is the first range, you could
also use

-[c:] >4 <- \p\1 i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

(This is useful if you want parallel processing with another range than
the previous one.

So, the \p just helps to reduce typing when writing the rules, and
prevents you from needing to adjust several different places if you
realize you want to add another character, remove a character, or just
change the sequence of characters in the last range.


> 
> However in our rule, [c:] is not a range. So, does it allow parallel processing for the following two rules:
> [c] - capitalize
> [:] - no operation?

The [c:] is a range of 2 different characters which requires expansion
into two different rules.

>From doc/RULES:

|  In the following paragraph describing the escapes, the
| word "range" refers to a single instance of a mix of character lists
| and/or ranges placed in square brackets as illustrated above.

In the first range, c and : are used as qualifiers for the - (rule
rejection command), in the second case they are used as word mangling rules.
The rule expansion logic doesn't care, it will just expand those ranges
(from right to left), inserting each character specified (from left to
right), unless it finds a \p.

> i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*] - This will pick a special character from the list and place it in different positions, 0 to 5.

Right.


> Similarly, I would like to understand the meaning of the magic escape sequences, \p1 and \p2 in the following rule:
> 
> -[c:] >[5-8] <- \p1[c:] i\p2[6-9][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

range 1 is [c:], range 2 is [5-8], so the second [c:] is processed in
parallel with the first one, while [6-9] is processed in parallel with
[5-8].

Again, this could have been written as

 -[c:] >[5-8] <- \p1\1 i\p2[6-9][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]

 \1
would mean: take the same characters as in the range 1 when doing
parallel processing.

As you see, ranges processed in parallel don't need to use the same
characters, they just need to have the same number of characters.

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.