Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 4 Apr 2015 17:44:53 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Problem with john.conf

Kai, magnum, Frank -

On Sat, Apr 04, 2015 at 07:13:09PM +0800, Kai Zhao wrote:
> Currently, john does not report error when the section name is
> "?List.Rules***"

As far as I'm aware, there's nothing special about this section name,
e.g. for me the behavior is exactly the same if I change it to [abcdef].
The only thing that matters is whether the section name starts with
"List" or not.  When you add the question mark, or anything else, the
section name no longer starts with "List", so the section is parsed
differently.

The name "?List.Rules***" is not an error per se.  It's just not a list
section anymore, and thus also not usable for rules, despite of the
remainder of its original name.  JtR does not recognize a section of
that name, so it should ignore it.  Yes, silently, which is a bit
unfortunate.  The core tree happens to parse all non-List sections as
Name = value, regardless of whether those sections are ever used by the
rest of JtR, so it usually reports an error a few lines below if you
rename a List section like that.  Maybe jumbo should, too, but neither
behavior is ideal anyway.

> Is it valid with the name "?List.Rules***" ?

Like I said, it's certainly no longer a List, and no longer a rules
section.  But it might or might not be valid in terms of config file
syntax anyway, depending on what's in it.

> Should john report error message when the section likes "?List.Rules***" ?

When the section is merely named like that?  I think not.  There's
nothing special about that name, so no reason to single it out for error
reporting.

An actual improvement would be to remove the magic List prefix
altogether, and use e.g. a different type of braces for the list
sections.  This is something I had considered years ago, but never came
up with a good enough solution that wouldn't unnecessarily break
compatibility with the existing syntax and with not needing to escape
other types of braces - I mean other than square brackets - inside e.g.
rules lists.  If we e.g. define curly braces to start list sections,
then we'd need to be escaping an opening curly brace at the start of
lines inside rules lists.  Right now, opening curly brace is an existing
rule command ("rotate the word left").

Oh, maybe we can use double square brackets for lists?  So instead of
e.g. [List.Rules:Loopback] we'd use [[Rules:Loopback]].  I think I
actually like this change.  If others like it too, I'll consider making
it in the core tree when I feel like it. ;-)

Thanks,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.