Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <kr8ceq5rcna2xadhkqmrk193.1473245706859@email.android.com>
Date: Wed, 07 Sep 2016 11:55:06 +0100
From: Darren Wise <darren@...ecorp.co.uk>
To: john-users-group <john-users@...ts.openwall.com>
Subject: Re: Show only cracked usernames and passwords for a  given hash file?


    
Awesome idea Marek,
Looks like a good solution to me, I'll keep this in mind for myself even though not asking the orginal post!


> Kind regards,
> Darren Wise Esq, 
> B.Sc, HND, GNVQ, City & Guilds.



-------- Original message --------
From: Marek Wrzosek <marek.wrzosek@...il.com> 
Date: 07/09/2016  11:05  (GMT+00:00) 
To: john-users@...ts.openwall.com 
Subject: Re: [john-users] Show only cracked usernames and passwords for a  given hash file? 

Hi nyxgeek,

W dniu 07.09.2016 o 05:55, nyxgeek@...abs.co pisze:
> Is there any way to have John's --show flag show just usernames and 
> passwords cracked for a given hash file, in the format of:
> 
> user00:Password1234567890
> 
> 
> instead of having it displayed in-line, like:
> 
> user00:Password1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::
>
> 

I think, there is another workaround. You can reverse order of
characters in lines, cut fields from 7th to the end, then reverse lines
one more time.
E.g.:
$ echo -e
"user00:Password1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::\n\
user00:Passwor:d1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::"|rev|cut
-d: -f7-|rev
user00:Password1234567890
user00:Passwor:d1234567890

> 
> 
> This would allow for the passwords for a particular hash file to
> easily be harvested/analyzed by performing a 'cut -d: -f2-', rather
> than having it be embedded inside the string.  By embedding the
> solved password inside the string, it seems to make it impossible to
> reliably cut out, since a password could easily contain a colon,
> which would then be misread as a delimiter.
> 
The you'll be able to extract passwords by performing a 'cut -d: -f2-'.

E.g.:
$ echo -e
"user00:Password1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::\n\
user00:Passwor:d1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::"|rev|cut
-d: -f7-|rev|cut -d: -f2-
Password1234567890
Passwor:d1234567890

Every colon in a password should prevail this operation.

Best Regards,
Marek

-- 
Marek Wrzosek
marek.wrzosek@...il.com

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.