Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 10 May 2015 21:43:45 +0300
From: Aleksey Cherepanov <lyosha@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: displaying full meta information about hashes with --show=types

I implemented --show=types option that prints all meta information
about hashes from file. It tries all formats against all hashes and
prints result in machine parseable format. It applies even formats
that are disabled. It tries generic crypt always. It respects
--format= option. It does not bypass john's heuristics for generic
crypt.

The format:
Once for hash:
  login,
  original ciphertext,
  uid,
  gid,
  gecos,
  home,
  shell.
For each valid format (may be nothing):
  label,
  is format disabled? (1/0),
  number of parts.
  For each part of splitted/canonical hash:
    is it same as oringal ciphertext? (1/0),
    canonical hash or empty string (if the format is disabled).
All fields are separated by field_sep_char.
Additional field_sep_char occurs at the end of line:
it does not break numeration of fields but
it allows parser to get field_sep_char from the line.


There are some TODOs in the code. I need comments on them.


magnum - I'll prepare a pull request for you. I feel guilty each time
you apply my patches manually. This patch does not have author
information. I'd like to add it. Also I'd like to add documentation.


BTW there is the following line in loader.c

 * ...with heavy changes in the jumbo patch, by magnum and various authors

Should I add my copyright there?


The patch is attached. It is against bleeding-jumbo.

Mathieu - I hope there won't be huge changes. You may start using the
patch to implement Johnny's 1.5.2:
 2. Hash type suggestion/guessing for individual hashes (which is the
    best way? do we have any support from JtR jumbo with that)


Example:

$ ../run/john --show=types ../../t.pw

Input:
NONE:0ed7dd550afb451ac5b94cb644310b09

Output:
NONE:0ed7dd550afb451ac5b94cb644310b09:::/:/:/::LM:0:2:0:$LM$0ed7dd550afb451a:0:$LM$c5b94cb644310b09:HAVAL-128-4:0:1:0:$haval$0ed7dd550afb451ac5b94cb644310b09:lotus5:0:1:1::MD2:0:1:1::mdc2:0:1:1::mscash:0:1:1::mscash2:0:1:1::NT:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:Raw-MD4:0:1:0:$MD4$0ed7dd550afb451ac5b94cb644310b09:Raw-MD5:0:1:0:$dynamic_0$0ed7dd550afb451ac5b94cb644310b09:Raw-MD5u:0:1:0:$dynamic_29$0ed7dd550afb451ac5b94cb644310b09:ripemd-128:0:1:0:$ripemd$0ed7dd550afb451ac5b94cb644310b09:Snefru-128:0:1:1::NT-old:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:


With breaks to describe parts:

About hash: login, hash, ...
NONE:0ed7dd550afb451ac5b94cb644310b09:::/:/:/::

By type:

     number of parts
     v     hash 1                 hash 2
LM:0:2:0:$LM$0ed7dd550afb451a:0:$LM$c5b94cb644310b09:
HAVAL-128-4:0:1:0:$haval$0ed7dd550afb451ac5b94cb644310b90:

           the canonical hash is the same as input hash
           | so there is empty string here
           v v
lotus5:0:1:1::
MD2:0:1:1::mdc2:0:1:1::
mscash:0:1:1::
mscash2:0:1:1::
NT:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:
Raw-MD4:0:1:0:$MD4$0ed7dd550afb451ac5b94cb644310b09:
Raw-MD5:0:1:0:$dynamic_0$0ed7dd550afb451ac5b94cb644310b09:
Raw-MD5u:0:1:0:$dynamic_29$0ed7dd550afb451ac5b94cb644310b09:
ripemd-128:0:1:0:$ripemd$0ed7dd550afb451ac5b94cb644310b09:
Snefru-128:0:1:1::
NT-old:0:1:0:$NT$0ed7dd550afb451ac5b94cb644310b09:

And it produces such detailed output for each input line.

Thanks!

-- 
Regards,
Aleksey Cherepanov

View attachment "t.patch" of type "text/x-diff" (4105 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ