Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAJ9ii1FGbURj-168=vBcZ5eouQtJ6rWkCssjtaGD6ucig44RsQ@mail.gmail.com>
Date: Tue, 6 Aug 2019 07:24:31 -0400
From: Matt Weir <cweir@...edu>
To: john-users@...ts.openwall.com
Subject: Re: Truncated hashes with DYNAMIC mode

Thanks for the reply magnum,
    We can certainly move this discussion to a git repo issue as that's
probably more appropriate. In my head I was thinking of an option in
dynamic mode to only use a portion of a generated hash for future
computations or checks. That way it wouldn't need to be aware about the
cleartext guesses, (as they would be generated by a normal JtR cracking
session), nor would it be concerned with doing any "searching" for the
values, since it would just truncate the generated hash and then compare it
to the targeted hashes supplied by the user. Going this route would mean
that in the future we could also use this feature to quickly support
weird/broken formats like the original LinkedIn hashes which had a number
of leading 0's overwriting the start of the hash. Aka it'd be up to the
user to clean up their target hash list (for example cut off the leading
0's), but then they could use dynamic mode to truncate the hashes JtR
generates in a similar manner before doing a comparison.

Cheers,
Matt

On Tue, Aug 6, 2019 at 6:11 AM magnum <john.magnum@...hmail.com> wrote:

> On 2019-08-02 16:42, Royce Williams wrote:
> > On Fri, Aug 2, 2019 at 5:29 AM Solar Designer <solar@...nwall.com>
> wrote:
> >
> >> On Wed, Jul 31, 2019 at 11:22:22AM -0400, Matt Weir wrote:
> >>> I'm looking for a way to utilize dynamic mode to generate vanity
> hashes.
> >>> For example, finding a raw-MD5 hash that starts with '12345'. I've been
> >>> looking through the documentation for dynamic, but I'm missing how to
> >> only
> >>> check a subset of the final hash vs the target. Is that possible, and
> how
> >>> would I go about doing that? Bonus points if I can utilize the command
> >> line
> >>> dynamic expressions.
> >>
> >> I'm afraid this isn't supported, but I'd like JimF to confirm this and
> >> consider adding such functionality.
> >>
> >
> > That would be fantastic! I've long argued that such searching, if done
> in a
> > way that is low overhead for the maintainers of the tool (who are usually
> > not me, since my programming skills are limited), belong in the cracking
> > suites themselves rather than reinvented poorly or narrowly in other
> > frameworks. Of course, I understand that non-specialization also means
> that
> > some optimization opportunities must be discarded, so I also support
> > dedicated external tools when executed well. But I think that having this
> > in dynamic mode would be worth the trade-off.
>
> Well you could open an issue for it for RFC/discussion. For example, how
> would we format the input? Would we always want hashes that starts with
> "deadbeef" or sometimes only ends with it, or any of them? Or even
> "deadbeef" somewhere/anywhere in it (that would likely be awfully slow)?
>
> Also, would we want the cleartext that produces such vanity hash to be a
> printable one actually usable as a password, or more or less any binary?
> As mentioned recently, binary brute-force hasn't been within our scope
> but we're considering changing that.
>
> magnum
>
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.