Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 23 Sep 2011 05:24:17 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: user-defined character class samples (was: [john-users] John the Ripper 1.7.8-jumbo-7)

magnum -

On Wed, Sep 21, 2011 at 10:57:33PM +0200, magnum wrote:
> On 2011-09-21 22:35, Solar Designer wrote:
> >* Support for user-defined character classes has been added, along with
> >some samples in the default john.conf. (magnum)
> 
> Dang, now I remember I should have revised that sample, it's not doing 
> what it was supposed to.

I guess you're referring to this one? -

# This silly example rule use the user-defined character class
# example ?1 above. It will prepend any hex-string of at least
# 4 digits within a candidate with 0x as well as with  \x like
# this:
#  'hello'   -> rejected
#  'alibaba' -> 'ali0xbaba' and 'ali\xbaba'
[List.Rules:Example]
%4?1vap2Aa"[\\0]x"

If so, that's not what I meant, although we should have removed it (feel
free to submit a patch such that we don't forget).

These examples are correct, right? -

# This is a couple of example classes:
# ?0 matches (one version of) base64 characters
# ?1 matches hex digits
# ?2 matches the TAB character (never try to use \x00!)
[UserClasses]
0 = [a-zA-Z0-9/.]
1 = [0-9a-fA-F]
2 = \x09

Hmm, did you implement the \x09 thing?  I am not sure.

> Anyone having an idea of just what sample to make?

I don't, at least not right now, sorry.

> Anyway if someone on john-users complains about the results, it's the 
> rule's fault, not the class :)

I think this confirms what I wrote above.

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ