Message-ID: <2d03a0e6738f15d0cfb0afeff699e037@smtp.hushmail.com>
Date: Tue, 26 Nov 2013 02:42:00 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: Questions and suggestions to build a home cracking box. :)

On 2013-11-25 22:16, Richard Miles wrote:
> On Fri, Nov 22, 2013 at 3:00 PM, magnum <john.magnum@...hmail.com> wrote:
>> On 2013-11-22 18:24, Richard Miles wrote:
>>> Aaa0?
>>> Aaa1?
>>> Aaa2?
>>
>> The mask, separated by position, is ?u ?l [ab] ?d ??
>>
>> First position is ?u == upper-case A-Z
>>
>> Second position is ?l == lower-case a-z
>>
>> Third position is [ab] == 'a' or 'b' (not supported by HC afaik)

To be clear I meant this very syntax is not supported in Hashcat but you
can do the same in other ways.

>> Fourth position is ?d == digit 0-9
>>
>> Fifth position is actually a static '?' but since the mask tokens begin
>> with a question mark, a literal one is escaped as '??'.
>
> Interesting. But where can I find a list of all these "mnemonics"? I see
> that some parts look like regular expressions, such as [ab], but the others
> for sure must have a kind of map with a description of what they mean, right?

http://hashcat.net/wiki/doku.php?id=mask_attack#built-in_charsets
http://hashcat.net/wiki/maskprocessor

In JtR it's poorly documented (if at all) and code hasn't even settled
yet. No one wrote the doc/MASK yet so "use the source, Luke" and in
particular rpp.c. The rules engine, or rather its preprocessor, was
reused for quickly implementing mask mode. See doc/RULES but do not
misread the "Character classes" section as masks - only read the
preprocessor section. Without adding the new mnemonics you'd have to
write the mask above as "[A-Z][a-z][a-z][0-9]??". The current mnemonics
(defined in rpp.c line 108 and on) are just shortcuts for predefined
masks (?l really *becomes* [a-z] after parsing). They are mostly shared
with HC but we also have ?A as full printable 8-bit (0x20-0xFF).
Hashcat's maskprocessor defines ?h as 0xC0-0xFF while we currently
define it as 0x80-0xFF. Maybe we should change this and use ?h for
0xC0-0xFF and ?H for 0x80-0xFF, for closer mimicking of HC.

> But how will the GPU know where to "insert" the word from my wordlist?
>
> For example, what syntax may I use to say that my word (obtained from
> the wordlist) will be prepended or appended by this?
>
> Is there a "mnemonic" to represent the "word" from the wordlist? For example:
>
> --mask='?u?l[ab]?{w}?d??'
>
> Resulting in:
>
> AaaMyWord0?
> AaaMyWord1?
> AaaMyWord2?

I suggested a similar thing but it's not yet implemented. I haven't
tested current mask mode with wordlist so I'm not sure if Sayanyan's
current code always appends mask after word or if it can do something else.

> Also, is it possible to do more powerful mutation? For example, replace
> just the first occurrence of e with 3? replace only the second occurrence
> of e with 3? and so on until replace all occurrences of e with 3?

That is better achieved (and currently possible) using rules. Read
doc/RULES several times and try to understand the supplied rules in
john.conf ;-)

BTW I think Hashkill should also be mentioned. I'm pretty sure it too
outperforms JtR with GPU and it's open source:
http://www.gat3way.eu/hashkill/index.php

magnum
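
The mask syntax discussed in this message, as an added example (not part of the original e-mail and not JtR's rpp.c code): a simplified Python parser that turns a mask into one character set per position, then reports its keyspace and first candidates. The function names are illustrative assumptions, and only the mnemonics named in the message are defined, with 8-bit characters modelled as code points 0x00-0xFF.

```python
import string
from itertools import islice, product
from math import prod

def _span(lo, hi):
    return "".join(map(chr, range(ord(lo), ord(hi) + 1)))

MNEMONICS = {  # mnemonics named in the message; "??" is a literal '?'
    "u": string.ascii_uppercase, "l": string.ascii_lowercase, "d": string.digits,
    "A": _span("\x20", "\xff"), "h": _span("\x80", "\xff"), "?": "?",
}

def _expand_class(body):  # inside of [...]; "a-z" ranges become their members
    out, i = "", 0
    while i < len(body):
        if body[i + 1:i + 2] == "-" and i + 2 < len(body):
            out += _span(body[i], body[i + 2])
            i += 3
        else:
            out += body[i]
            i += 1
    return "".join(dict.fromkeys(out))  # de-duplicate, keep order

def parse_mask(mask):
    """Return one string of allowed characters per position of the mask."""
    positions, i = [], 0
    while i < len(mask):
        if mask[i] == "?":
            key = mask[i + 1:i + 2]
            if key not in MNEMONICS:
                raise ValueError(f"unknown mnemonic '?{key}' at offset {i}")
            positions.append(MNEMONICS[key])  # ?l really becomes [a-z]
            i += 2
        elif mask[i] == "[":
            end = mask.find("]", i + 1)
            if end <= i + 1:  # "[]" or no closing bracket
                raise ValueError(f"empty or unterminated class at offset {i}")
            positions.append(_expand_class(mask[i + 1:end]))
            i = end + 1
        else:  # any other character stands for itself
            positions.append(mask[i])
            i += 1
    return positions

def keyspace(mask):  # product of the per-position set sizes
    return prod(len(p) for p in parse_mask(mask))

def candidates(mask, limit=None):  # rightmost position varies fastest
    return list(islice(map("".join, product(*parse_mask(mask))), limit))
```

For the mask in the thread, `keyspace("?u?l[ab]?d??")` is 13520, which is the size of the search space a password of that shape sits in.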