Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 Jul 2015 10:27:26 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: *2john conversion support

On Fri, Jul 10, 2015 at 8:29 AM, Shinnok <admin@...nnok.com> wrote:
>
> On Jul 8, 2015, at 9:42 PM, Mathieu Laprise <mathlaprise@...il.com> wrote:
>
> Thanks for your answers. It helped me !
>
> On Tue, Jul 7, 2015 at 1:25 PM, Shane Quigley <shane_quigley@...mail.com>
> wrote:
>>
>> Presume *2john is referring to the support of the conversion scripts
>> ussually in python which convert a format into a format john can take in
>> e.g. pdf2john or office2john. Have a look at the docs in the repo
>>
>> Regards,
>>
>> ShaneQful
>>
>> On Tue Jul 7 17:56:25 2015 GMT+0100, Mathieu Laprise wrote:
>> > In another sprint, I'll have to implement *2john conversion support in
>> > Johnny. I have no idea what 2*john is so I want to figure it out before
>> > this sprint arrives. Could you please lead me to some documentation to
>> > help
>> > me understand what this task is about ? Thanks
>> >
>
>
> I guess we can't rely on magic formats or mime types for most of these
> exotic files types, so I'm thinking that the best we can do is add a
> separate button next to open password file or better yet make the existing
> one a QToolbutton with a dropdown of all 2john formats
> supported(hardcoded?). Then the user selects a specific password db format
> from the list, is prompted with a File open dialog and upon selection we run
> the tool on it and open a new session with the results.
>
> This will only work for jumbo I'd assume, since the scripts are only
> available for it. As for the actual invocation of the scripts, all we can do
> is call via QProcess(which will most likely do system()). If any errors are
> encountered(interpreter not found, script error) we display a warning
> message box and the afferent output to the Console Log.
When I read the the Johnny goal of making cracking easier for users I
immediately thought of how easy to use Passware and some of
Elcomsoft's recovery tools are. They are in essence "next next finish"
tools. You are presented with a choice (recover password from: A:
Password Protected File, B: Hashed Password(s), C: Encrypted file(s)).
Chose A, B or C and go to next, let's pick A ->next, Which type of
file... Office, Browser, PDF, PGP, Compressed Archive... unknown...
->next
The "trouble" with *2john.exe on windows is the lack of some binaries,
there are 19 currently that compile for me when making john, possibly
more if I had pcap sources installed... I've created an additional 28
exe's from the python scripts by using pyinstaller and or py2exe. For
most *nix flavors, python is easy to install and so are the required
python lib's. One caveat to the *2john binaries that do compile is
that most if not all require the john binary to work, and in addition
to that, they require (unless modified) john to be called "J O H N"
and not something like john_mpi.exe etc. Has to be john.exe (or john)
I would love Johnny to go down the "next next finish" route, and to
use *2john, but there are going to be some hurdles, and those above
are just the ones I know about or have run into. If there were more
binaries and less *2john scripts, you'd certainly have an easier time
getting windows (I realize there are other OS's :) to use the *2john
tools easier and without yet another "pack" of user contributed tools
to download and use. I'm sure that would translate to other OS's too,
not everyone has Python installed or want's too. Just my two cents of
input :) For ease of use in file recovery, which I think most *2john
tools are, next, next, finish is what I'd like to see. Perhaps the
same for Johnny, I feel bad saying it since the interface isn't setup
that way, but it's an idea.
-rich

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ