Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 29 Sep 2017 16:13:19 -0800
From: Royce Williams <royce@...ho.org>
To: john-users@...ts.openwall.com
Subject: Re: RFC: Hashkiller Rosetta Stone

On Fri, Sep 29, 2017 at 2:44 PM, Frank Dittrich <frank.dittrich@...lbox.org>
wrote:

> Am 29.09.2017 um 23:58 schrieb Solar Designer:
>
>> On Fri, Sep 29, 2017 at 07:20:31AM -0800, Royce Williams wrote:
>>
>>> I'm working on a Hashkiller Rosetta Stone (a list of upload formats
>>> supported by Hashkiller, and how to use those modes in hashcat, john, and
>>> MDXfind.)
>>>
>>> A draft is here:
>>>
>>> https://gist.github.com/roycewilliams/28a9e940e7cd37268ceeac4962bda757
>>>
>>> Any help/tips appreciated. I don't know the underlying algorithm of many
>>> product-specific formats, so I'm almost certainly missing some obvious
>>> ones.
>>>
>>
>> It'd help if you list example hashes, preferably all for a fixed
>> password like "password", so that you don't need to list the
>> corresponding different plaintext passwords as well.
>>
>
>
> It would also help if you would use another syntax for those "generic"
> algorithms.
>
> Currenntly, it is unclear whether MD5-MD5SALTMD5PASS means
> md5(md5(salt).md5(pass)) or not.


This isn't my syntax. Those are the labels used by MDXfind itself. I am new
to MDXfind, so I'm still learning about how to read these; they do indeed
require interpretation that is opaque to the uninitiated. That's part of
what I was hoping to accomplish with the table - caching what I learn for
the benefit of others.




> JtR supports command-line dynamic formats now (and has been for a couple
>> of years, due to work by Jim), so most if not all of your "unsupported"s
>> are actually supported at least in this way.
>>
>
> Yes, you can combine several basic hash functions, use password and/or
> sewveral salts, even constant expressions, etc.
> Check doc/DYNAMIC*,especially doc/DYNAMIC_COMPILER_FORMATS.md.


Thanks for this - will do.


> Those command-line dynamics typically allow for a higher password
>> length, too.  For example, when experimenting with Update 2 from
>> https://haveibeenpwned.com/Passwords I found that "--external=Repeats"
>> cracks plenty of passwords of lengths up to 109 (and I've just tested
>> that it cracks 110 too, but not 111 - as expected) with
>> "--format=dynamic='sha1($p)'", whereas "--format=raw-sha1" only goes up
>> to length 55 (also as expected).
>>
>
> But the dynamic_* formats are usually somewhat faster than the
> dynamic='<expression>'.


That makes sense.


> My future ambition is to expand this concept to be a Rosetta Stone for the
>>> superset of all formats supported by any known product. Small steps
>>> first.
>>> :)
>>>
>>
>>
>
> Cool.  With JtR's command-line dynamics, its list of supported formats
>> is sort of "infinite", though. ;-)
>>
>
> You even get basic bash completion support for the dynamic-formats:
>
> $ ./john --format=dynamic=[tab][tab]
> lists these possible completions:
>
> $ ./john --format=dynamic=
> gost\(        haval192_5\(  md2\(         sha1_64\(     skein224\(
> haval128_3\(  haval224_3\(  md4\(         sha224\(      skein256\(
> haval128_4\(  haval224_4\(  md5\(         sha256\(      skein384\(
> haval128_5\(  haval224_5\(  panama\(      sha384\(      skein512\(
> haval160_3\(  haval256_3\(  ripemd128\(   sha3_224\(    tiger\(
> haval160_4\(  haval256_4\(  ripemd160\(   sha3_256\(    whirlpool\(
> haval160_5\(  haval256_5\(  ripemd256\(   sha3_384\(
> haval192_3\(  keccak_256\(  ripemd320\(   sha3_512\(
> haval192_4\(  keccak_512\(  sha1\(        sha512\(
>
>
> The \ is needed unless you quote the expression. I'll see whether I manage
> to support bash completion even for --format='dynamic= or
> --format=dynamic'= etc. Then I can drop the backslashes.
>
>
> If you quote the expression, it could look like this:
>
> $ ../run/john -test -form:dynamic='sha1(md5(md4($p.$s).$s2))'
> Benchmarking: dynamic=sha1(md5(md4($p.$s).$s2)) [128/128 AVX 4x1]... DONE
> Many salts:     5243K c/s real, 5243K c/s virtual
> Only one salt:  4813K c/s real, 4813K c/s virtual
>
> ($s is the first salt, $s2 a second salt in that example)


Very informative - thank you, Frank!

Royce

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ