Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 10 May 2015 21:43:45 +0300
From: Aleksey Cherepanov <lyosha@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: displaying full meta information about hashes with --show=types

I implemented --show=types option that prints all meta information
about hashes from file. It tries all formats against all hashes and
prints result in machine parseable format. It applies even formats
that are disabled. It tries generic crypt always. It respects
--format= option. It does not bypass john's heuristics for generic
crypt.

The format:
Once for hash:
  login,
  original ciphertext,
  uid,
  gid,
  gecos,
  home,
  shell.
For each valid format (may be nothing):
  label,
  is format disabled? (1/0),
  number of parts.
  For each part of splitted/canonical hash:
    is it same as oringal ciphertext? (1/0),
    canonical hash or empty string (if the format is disabled).
All fields are separated by field_sep_char.
Additional field_sep_char occurs at the end of line:
it does not break numeration of fields but
it allows parser to get field_sep_char from the line.


There are some TODOs in the code. I need comments on them.


magnum - I'll prepare a pull request for you. I feel guilty each time
you apply my patches manually. This patch does not have author
information. I'd like to add it. Also I'd like to add documentation.


BTW there is the following line in loader.c

 * ...with heavy changes in the jumbo patch, by magnum and various authors

Should I add my copyright there?


The patch is attached. It is against bleeding-jumbo.

Mathieu - I hope there won't be huge changes. You may start using the
patch to implement Johnny's 1.5.2:
 2. Hash type suggestion/guessing for individual hashes (which is the
    best way? do we have any support from JtR jumbo with that)


Example:

$ ../run/john --show=types ../../t.pw

Input:
NONE:0ed7dd550afb451ac5b94cb644310b09

Output:
NONE:0ed7dd550afb451ac5b94cb644310b09:::/:/:/::LM:0:2:0:$LM$0ed7dd550afb451a:0:$LM$c5b94cb644310b09:HAVAL-128-4:0:1:0:$haval$0ed7dd550afb451ac5b94cb644310b09:lotus5:0:1:1::MD2:0:1:1::mdc2:0:1:1::mscash:0:1:1::mscash2:0:1:1::NT:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:Raw-MD4:0:1:0:$MD4$0ed7dd550afb451ac5b94cb644310b09:Raw-MD5:0:1:0:$dynamic_0$0ed7dd550afb451ac5b94cb644310b09:Raw-MD5u:0:1:0:$dynamic_29$0ed7dd550afb451ac5b94cb644310b09:ripemd-128:0:1:0:$ripemd$0ed7dd550afb451ac5b94cb644310b09:Snefru-128:0:1:1::NT-old:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:


With breaks to describe parts:

About hash: login, hash, ...
NONE:0ed7dd550afb451ac5b94cb644310b09:::/:/:/::

By type:

     number of parts
     v     hash 1                 hash 2
LM:0:2:0:$LM$0ed7dd550afb451a:0:$LM$c5b94cb644310b09:
HAVAL-128-4:0:1:0:$haval$0ed7dd550afb451ac5b94cb644310b90:

           the canonical hash is the same as input hash
           | so there is empty string here
           v v
lotus5:0:1:1::
MD2:0:1:1::mdc2:0:1:1::
mscash:0:1:1::
mscash2:0:1:1::
NT:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:
Raw-MD4:0:1:0:$MD4$0ed7dd550afb451ac5b94cb644310b09:
Raw-MD5:0:1:0:$dynamic_0$0ed7dd550afb451ac5b94cb644310b09:
Raw-MD5u:0:1:0:$dynamic_29$0ed7dd550afb451ac5b94cb644310b09:
ripemd-128:0:1:0:$ripemd$0ed7dd550afb451ac5b94cb644310b09:
Snefru-128:0:1:1::
NT-old:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:

And it produces such detailed output for each input line.

Thanks!

-- 
Regards,
Aleksey Cherepanov

View attachment "t.patch" of type "text/x-diff" (4105 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.