Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 10 May 2015 23:32:52 +0300
From: Alexander Cherepanov <ch3root@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: displaying full meta information about hashes with
 --show=types

On 2015-05-10 21:43, Aleksey Cherepanov wrote:
> I implemented --show=types option that prints all meta information
> about hashes from file. It tries all formats against all hashes and
> prints result in machine parseable format. It applies even formats
> that are disabled. It tries generic crypt always. It respects
> --format= option. It does not bypass john's heuristics for generic
> crypt.

Cool, it will be useful in scripts for sorting and converting hashes.

And it could be useful for fuzzing...

> The format:
> Once for hash:
>    login,
>    original ciphertext,
>    uid,
>    gid,
>    gecos,
>    home,
>    shell.
> For each valid format (may be nothing):
>    label,
>    is format disabled? (1/0),

I don't know if this field is useful but if it's listed at all perhaps 
invert the meaning of it, i.e. 1 for enabled formats and 0 for disabled?

>    number of parts.

I think number of parts is not very useful and can be eliminated. Please 
see below.

>    For each part of splitted/canonical hash:
>      is it same as oringal ciphertext? (1/0),
>      canonical hash or empty string (if the format is disabled).

IMHO there is no much saving by not repeating the hash even if it's the 
same and it would be easier to drop the flag and always output the hash.

If this change is implemented an empty field could be used to separate 
formats. Then the parsing in a scripting language can be done as follows:
1) take the last char as separator;
2) extract first 7 fields as login etc.;
3) split the remaining part by double separator into a list of 
per-format info;
4) for each format split by the separator.

I Perl:

     chomp;
     s/.$//; # strip the separator char at eol...
     my $sep = $&; # ...and store it
     my ($login, $ciphertext, $uid, $gid, $gecos, $home, $shell, $etc) = 
split /\Q$sep\E/, $_, 8;
     for (split /\Q$sep$sep\E/, $etc) { # for each format
         my ($label, $enabled, @parts) = split /\Q$sep\E/;
         print "$label:";
         for (@parts) {
             print " $_";
         }
         print "\n";
     }

-- 
Alexander Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.