Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 3 Jun 2015 14:58:34 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: [Johnny] Task 1.6.1 Multiple cracking session management

On Wed, Jun 3, 2015 at 2:06 PM, Aleksey Cherepanov <lyosha@...nwall.com> wrote:
> Mathieu,
>
> On Tue, Jun 02, 2015 at 02:14:09PM -0400, Mathieu Laprise wrote:
>> Also, I understand why we need to keep track of the input password files
>> and .rec files to achieve this but why do we need to keep track of the .pot
>> files as Shinnok said ?
>
> Shinnok - did you mean something specific?
It would be nice if Johnny could read the .rec files that may exist
already and perhaps prepopulate the dropdowns or options. If I
specified a custom pat file, and wanted to resume cracking, the .rec
should have that data in it and JtR should reuse that. It would be
nice to have some "common" features of JtR in Johnny, I can see --pot
as being one of those. You also don't want to confuse users too much
so maybe those can be "advanced" features that come out if you choose
"advanced"?
>> Last but not least, will the "Open session" button becomes a file browser
>> for any .rec files or will we manually keep track of the 5-10 or 20 last
>> sessions and show them in a UI friendly drop down list.
>
> Johnny has additional .johnny files (only 1 so far) to store its own
> session description.
Again if it read all .rec files in the current $john directory, you
could have a drop down list of sessions, sorted if possible from
latest to earliest.
> It is not possible to support .rec files from command line invocations
> of john in general way: .rec stores paths as provided, so there may be
> relative paths. To restore such session pwd should be known, it is not
> trivial to guess it (at least with default .rec file).
I wouldn't know :) But if your just passing --restore=session_here
then JtR itself is the limitation. But if Johnny is reading .rec's
then it should read it how they are in the .rec files already, which I
believe is how JtR was invoked is how it's stored. I don't see this as
an issue I guess...I think I'm not understanding this one.
> AFAIK .pot files are not specified from johnny. Default .pot is used.
> So it is not needed to track it. User can change .pot file through
> john.conf but it is not something to handle in Johnny. To specify .pot
> file is a separate task and I am not sure that it is needed. There are
> scenarios to use it: user may want to crack from the very beginning to
> collect statistics by attacks in form of .pot files (one attack - one
> .pot, `wc -l *.pot` shows stats).
I do this all of the times, I specify a pot so I can see statistically
which list, mode or other attack is faster on the same hashes. Again
maybe an "advanced" button could be used to open up more options.
I hope I understood what the questions are/were, and I'll be more
vocal going forward as I want to use a GUI for JtR and I want to help
others use JtR effectively on windows. I'm not sure I can help past
testing and suggesting, but I might be able to do tool-tips or
man/help files, documentation and that sort of thing.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.