Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 4 Jan 2013 17:35:01 +0100
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Handling of GECOS and user name fields in single mode
 (was: Cracking Mountain Lion hashes (WIP))

On 01/04/2013 05:11 PM, Dhiru Kholia wrote:
> ✗ python2 ../run/ml2john.py magnum.plist
> magnum.plist:$pbkdf2-hmac-sha512$(hash):503:20:magnum,overlord
> magnum:/bin/bash:magnum.plist
> 
> You can use http://openwall.info/wiki/_media/john/ML-hashes.zip to
> generate the full hash.
> 
> This hash doesn't get cracked by single mode. The password is
> "overlord magnum" which is present in the GECOS field. I guess single
> mode treats strings separated by a space as multiple passwords.

Yes, but nut just the space is treated as a separator.

In core john, this was defined in loader.c.
But due to support of different encodings in the jumbo version, the code
is now in unicode.c, starting from line 1067:

        // Original separator list from loader.c
#define CP_issep \
        "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~\177"

        if (options.iso8859_1)
                encTemp = CP_issep CHARS_PUNCTUATION_ISO_8859_1
CHARS_SPECIALS_ISO_8859_1 CHARS_WHITESPACE_ISO_8859_1
CHARS_CONTROL_ISO_8859_1 CHARS_INVALID_ISO_8859_1;
        else if (options.iso8859_2 )
                encTemp = CP_issep CHARS_PUNCTUATION_ISO_8859_2
CHARS_SPECIALS_ISO_8859_2 CHARS_WHITESPACE_ISO_8859_2
CHARS_CONTROL_ISO_8859_2 CHARS_INVALID_ISO_8859_2;
...

Not just the GECOS field will be split into individual words, but also
the login name.

May be we need a new hidden option which allows to specify a different
(or even an empty) list of word separator characters for single mode.
This would also be useful to easily verify passwords in john.pot (e.g.,
for submissions during password cracking contests), at least as long as
the password doesn't contain any ':' characters.

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.