Date: Sun, 20 May 2012 20:16:18 +0200 From: Frank Dittrich <frank_dittrich@...mail.com> To: john-dev@...ts.openwall.com Subject: Re: Additions to JtR rules, arbitrary characters On 05/19/2012 11:07 PM, jfoug@....net wrote: > I have had need for a while to insert arbitrary characters into JtR rules. > I have made a couple of changes in rpp.c, which will now allow this. Your patched doc/RULES text mentions $\x10 as a rule to append a newline character. I also noticed that appending a newline character cracked several raw-md5 hashes from https://www.korelogic.com/InfoSecSouthwest2012_Ripe_Hashes.html BTW: This is another indication that these hashes contain many fakes where people probaby used $ echo "password"|md5sum - instead of $echo -n "password"|md5sum - I used an external mode to append a newline character . Cracking these hashes with such an external mode or with a rule $\x10 and your patched rpp.c works. However, john.pot will also contain these newline characters. This results in john --show reporting wrong cracked passwords, unique removing "duplicate" empty lines, and so on. I'm not sure how much effort should be spent supporting such faked hashes. Can/should we try to add new options/values to john --show and/or unique? Or is this just not worth the effort, because these passwords will never be needed to crack real password hashes? Frank
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.