Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 16 Feb 2006 05:12:08 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Languages outside of english

On Mon, Feb 13, 2006 at 09:01:21PM -0500, Bob Wright wrote:
> I am looking to add an alphabet outside of english and was curious if 
> anyone could lead me in the right direction? Specifically romanian. I 
> have the alphabet however i am unsure how to insert it into my conf. 
> While ive used john for awhile, ive never modified it to this end. Ive 
> done several google searches however im not turning up the correct 
> results. =| The primary issue is charectors which are outside of the 
> english alphabet.

You did not mention what hash type is being used.  Some hash types are
7-bit only.

You also didn't mention what cracking mode you wanted to use this with,
so I'll provide four separate answers:

1. For "single crack" mode, there's nothing for you to do.  John will
pick whatever users' full names it sees, etc. - including any unusual
characters (8-bit and such).

2. For wordlist mode, there's also nothing for you to do, besides
providing the desired wordlists.  John will pick whatever it sees there.

However, with either or both of these modes, if you would like John to
be prefixing and/or suffixing words with extra characters, then you may
need to specify the proper rules in [List.Rules:Single] and/or
[List.Rules:Wordlist] including the unusual characters you would like
John to use.

3. For "incremental" mode, the supplied all.chr is limited to the 95
printable US-ASCII characters.  It does not contain any 8-bit characters.
Moreover, there are compile-time settings for "incremental" mode in
params.h which are configured for printable US-ASCII by default.

While you could adjust those settings (in particular, CHARSET_MAX),
recompile John, and generate a new .chr file, I do not recommend that
you do that.  "Incremental" mode relies on statistical information
heavily, and you most likely do not have enough passwords cracked with
those 8-bit characters in order to generate a reasonable .chr file.

So you're out of luck with this.

4. For external mode, you can just program your very own external mode
(or modify a sample one) to produce candidate passwords containing
whatever characters you like.

For example, the following code will try all 8-bit characters, except
for most 7-bit controls, but including DEL and the 8-bit controls (0x7f
to 0x9f), so some terminals and terminal emulators might misbehave when
you hit a key for status while running this.  But it should get all of
your short passwords.

[List.External:8bit]
int length;				// Current length

void init()
{
	word[0] = 0x20 - 1;		// Start with " "
	word[length = 1] = 0;
}

void generate()
{
	int i;

	i = length - 1;			// Start from the last character
	while (++word[i] > 0xff)	// Try to increase it
	if (i)				// Overflow here, any more positions?
		word[i--] = 0x20;	// Yes, move to the left, and repeat
	else				// No
	if (length < 8) {
		word[i = ++length] = 0;	// Switch to the next length
		while (i--)
			word[i] = 0x20;
		return;
	} else {
		word = 0; return;	// We're done
	}
}

void restore()
{
	length = 0;			// Calculate the length
	while (word[length]) length++;
}

With the above in your john.conf, you invoke it with "--external=8bit".

Hope this helps.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ