Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CABeUhwvHzt6HX1ZtMbdFb7d6y8_AYQJTabeOUSE5pBEH=dryuQ@mail.gmail.com>
Date: Sun, 17 Jun 2012 16:52:20 +0200
From: newangels newangels <contact.newangels@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Magic Escape Sequences in Rules

Hi,

Well, it's not my post, but just whant to thanks "FRANK" ( other's
Master's dev's also for sure ) for his effort's & time.

It's allways an nice to see & read ppl sharing them knowledges & time
& think that have to be highlighting. time to time ;-)

Regards,

Donovan

2012/6/17, Frank Dittrich <frank_dittrich@...mail.com>:
> On 06/17/2012 07:52 AM, NeonFlash wrote:
>> I have the following rules which I would like to modify and in order to do
>> that, first I need to get a grasp of how they work:
>>
>> -[c:] >4 <- \p[c:] i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>>
>> This will add the special characters everywhere in the string. Here is
>> what I have understood:
>>
>> -[c:] - reject the rule if the hash type is not case sensitive.
>
> Not exactly.
> This gets expanded to 2 rules:
>  -c
>  -:
> The first one means: reject the rule if the hash type is not case
> sensitive.
> The second is a dummy (the rule is not rejected)
>
>>> 4 - reject the candidate password if its length is less than 4
>
>  >4 rejects the candidate password if its length is less than or equal to
> 4.
>
>> <- the length of the candidate password should be less than max_length-1
>> (max_length is maximum length supported for that hash type)
>
> max_length is maximum length supported for that hash type or maximum
> length supported for the current format implementation (this one can be
> smaller than the actual maximum length supported for that hash type, for
> performance reasons.
>
>
>> \p[c:] - \p is the magic escape sequence.
>>
>>
>> According to documentation: \p before a range to have that range processed
>> "in
>> parallel" with preceding ranges.
>
> Without the \p,
>
> -[c:] >4 <- [c:] i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> would get expanded to
>
>  -c >4 <- c i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>  -c >4 <- : i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>  -: >4 <- c i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>  -: >4 <- : i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> (plus expansion of the [0-5] and [!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
> ranges)
>
> We want just 2 of these 4 expansions:
>
>  -c >4 <- c i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>  -: >4 <- : i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> This is exactly what the \p does here.
> It just reduces the number of rules in a way that the first character of
> the range following the \p is used when the expansion of the previous
> range used the character in the first position, and so on.
>
>
> The first version capitalizes the word, but does so only if the hash
> type is case sensitive.
> The second version could also be written as
>
>  >4 <- i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> Because the range [c:] is exactly the same in both cases,
>
> -[c:] >4 <- \p[c:] i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> could have been written as
>
> -[c:] >4 <- \p\0 i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> \0 would refer to the previous range.
>
> Since the previous range in this example is the first range, you could
> also use
>
> -[c:] >4 <- \p\1 i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> (This is useful if you want parallel processing with another range than
> the previous one.
>
> So, the \p just helps to reduce typing when writing the rules, and
> prevents you from needing to adjust several different places if you
> realize you want to add another character, remove a character, or just
> change the sequence of characters in the last range.
>
>
>>
>> However in our rule, [c:] is not a range. So, does it allow parallel
>> processing for the following two rules:
>> [c] - capitalize
>> [:] - no operation?
>
> The [c:] is a range of 2 different characters which requires expansion
> into two different rules.
>
> From doc/RULES:
>
> |  In the following paragraph describing the escapes, the
> | word "range" refers to a single instance of a mix of character lists
> | and/or ranges placed in square brackets as illustrated above.
>
> In the first range, c and : are used as qualifiers for the - (rule
> rejection command), in the second case they are used as word mangling
> rules.
> The rule expansion logic doesn't care, it will just expand those ranges
> (from right to left), inserting each character specified (from left to
> right), unless it finds a \p.
>
>> i[0-5][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*] - This will pick a special
>> character from the list and place it in different positions, 0 to 5.
>
> Right.
>
>
>> Similarly, I would like to understand the meaning of the magic escape
>> sequences, \p1 and \p2 in the following rule:
>>
>> -[c:] >[5-8] <- \p1[c:] i\p2[6-9][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
> range 1 is [c:], range 2 is [5-8], so the second [c:] is processed in
> parallel with the first one, while [6-9] is processed in parallel with
> [5-8].
>
> Again, this could have been written as
>
>  -[c:] >[5-8] <- \p1\1 i\p2[6-9][!$@...^&()_+\-={}|[\]\\;'":,/<>?`~*]
>
>  \1
> would mean: take the same characters as in the range 1 when doing
> parallel processing.
>
> As you see, ranges processed in parallel don't need to use the same
> characters, they just need to have the same number of characters.
>
> Frank
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.