Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 20 May 2012 22:54:22 -0400
From:  <jfoug@....net>
To: john-dev@...ts.openwall.com
Cc: magnum <john.magnum@...hmail.com>
Subject: Re: Additions to JtR rules, arbitrary characters

If we wanted to properly support having the john.pot deal with these arbitrary crap (some may not be crap, but who knows), then we could do something like was done in the salt field within dynamic.  Having something like $HEX$hhhhhhh..  as the password, allows detecting all possible bytes in a password, including NULL (if we could find other ways to get that byte inserted into the other inner workings of john.

I am not fully sure these are needed, as these type hashes likely are not ITW real hashes.

Btw, \x0A is the proper newline ;)  I screwed up, and ppl have been following along with that mistake.

JIm.

---- magnum <john.magnum@...hmail.com> wrote: 
> On 05/20/2012 08:16 PM, Frank Dittrich wrote:
> > I also noticed that appending a newline character cracked several
> > raw-md5 hashes from
> > https://www.korelogic.com/InfoSecSouthwest2012_Ripe_Hashes.html
> > (...)
> 
> We could use literal '\n' and '\r' for a couple of such offenders. But
> then we'd have to use '\\' for an actual '\' and this could break things.
> 
> FWIW, I have sometimes wanted another field in john.pot, a hex of the
> plaintext like this:
> 
> $NT$3dbde697d71690a769204beb12283678:123:313233
> 
> I think some other crackers has this. If we had this in place, we could
> print '?' (or something else) for linefeeds or otherwise unprintable
> characters. But this would break lots of things so it would have to be
> optional.
> 
> magnum
> 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ