Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CANWtx01ThFvyY101aKaBjvAdBwC+giOptoGpn58bXwjtrhFF2w@mail.gmail.com>
Date: Wed, 23 May 2018 10:02:57 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: john --make-charset=custom.chr: Can't get the hang
 of using it. :-(

On Wed, May 23, 2018 at 5:02 AM, Solar Designer <solar@...nwall.com> wrote:

> Hi Eric,
>
> On Tue, May 22, 2018 at 09:14:57PM +0100, Eric Watson wrote:
> > I have a .txt file containing a few characters from which a password was
> > made. I have the hash of the password.
> >
> > I use the command:
> >
> > ./john --make-charset=custom.chr mypasswd.txt
> >
> > where "mypasswd.txt" contains characters (AbCdEf)
> >
> > I get the error:
> >
> > Loaded 0 plaintexts, exiting...
>
> The intended use for the "--make-charset" option is to process whatever
> passwords you have already cracked in order to optimize further attacks.
> The cracked passwords are read from john.pot.  When you also list any
> "password files" on the command line, (1) those must be of one of the
> usual formats that JtR normally reads for cracking (that is, they should
> contain password hashes, as well as possibly other fields) and (2) they
> are only used to filter john.pot contents.  In other words, you specify
> them along with "--make-charset=custom.chr" only in order to limit the
> resulting contents of custom.chr to overlap of what's in john.pot
> (hashes and plaintexts) and what's in the specified files (hashes only).
>
> Your use is unintended.  You may, however, achieve what you want by
> creating a fake yet proper format john.pot with your characters, e.g.:
>
> echo :AbCdEf > john.pot
> ./john --make-charset=custom.chr
>
> Please note that incremental mode cares not only about the character
> set, but also about password lengths, character positions, character
> frequencies given specific up to two preceding characters.  So in the
> above example, it will generate the specific string AbCdEf first (if
> you allow it to generate candidate passwords of length 6 at all, and
> don't apply any other restrictions).
>
> You might want to use mask mode instead, which is intended use and is
> much easier, e.g.:
>
> ./john -2='AbCdEf' -mask='?2?2?2?2' mypasswd.hash
>
> This attacks your password hash directly, without generating any
> intermediate charset file.
>
> > Looks like I could use a manual! However,I am told that one does not
> > exist. I will create my own, step by step :-)
>
> Where are you told that a manual does not exist?
>
> > Please assist in using that john command. What I read seems to relate to
> > password lists:
> >
> > From john examples:
> >
> >       john --make-charset=custom.chr passwd1 passwd2
> >       [ Configure your custom "incremental" mode now. See below. ]
> >       john -i=custom passwd3
> >
> >
> > Where does passwd3 appear from?
>
> All of the passwd* files in this example are expected to contain
> password hashes.  passwd1 and passwd2 contain hashes that you already
> have some passwords cracked for (they're in john.pot), and you use these
> files for filtering your john.pot contents (in case it also contains
> cracked passwords for unrelated hashes).  passwd3 is the password hash
> file that you intend to crack.
>
> This example came from doc/EXAMPLES, where it says:
>
> "If you've got a password file for which you already have a lot of
> passwords cracked or obtained by other means, and the passwords are
> unusual, then you may want to generate a new charset file, based on
> character frequencies from that password file only"
>
> Then it proceeds to give examples for one such file and eventually for
> multiple related files (the example you quoted here).  Perhaps we need
> to clarify these examples with a mention that cracked passwords are read
> from john.pot.
>
> Alexander
>
Other helpful resources in addition to the DOC
<https://github.com/magnumripper/JohnTheRipper/tree/bleeding-jumbo/doc>
folder are: http://openwall.info/wiki/john
http://openwall.info/wiki/john/tutorials
One I'm fond of: https://xinn.org/blog/JtR-AD-Password-Auditing.html (Skip
down to "Using Jtr")
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.