>From f66caac89ae739fc2d6244028263258016c08111 Mon Sep 17 00:00:00 2001 From: Frank Dittrich Date: Mon, 25 Jun 2012 17:40:20 +0200 Subject: [PATCH] add --list=format-all-details --list=format-all-details lists all formats and their attributes in the same sequence as --list=format-details, but in a human readable form --- doc/OPTIONS | 112 +++++++++++++++++++++++++++++++---------------------------- src/john.c | 42 +++++++++++++++++++++- 2 files changed, 99 insertions(+), 55 deletions(-) diff --git a/doc/OPTIONS b/doc/OPTIONS index 2040345..55abe41 100644 --- a/doc/OPTIONS +++ b/doc/OPTIONS @@ -24,14 +24,14 @@ argument (if supported for a given option). The supported options are as follows, square brackets denote optional arguments: ---single[=SECTION] "single crack" mode +--single[=SECTION] "single crack" mode Enables the "single crack" mode, using rules from the configuration file section [List.Rules:Single]. If --single=Single_2 then the rules from [List.Rules:Single_2] section would be used. ---wordlist[=FILE] wordlist mode, read words from FILE, ---stdin or from stdin +--wordlist[=FILE] wordlist mode, read words from FILE, +--stdin or from stdin These are used to enable the wordlist mode. If FILE is not specified, the default batch-mode one (from john.conf) will be used. @@ -58,24 +58,24 @@ attacked. Input data in a character encoding other than the default 'raw'. See also doc/ENCODINGS. --list=encodings gives a list of all handled encodings. ---rules[=SECTION] enable word mangling rules for wordlist mode +--rules[=SECTION] enable word mangling rules for wordlist mode Enables word mangling rules that are read from [List.Rules:Wordlist]. If --rules=Wordlist_elite was used, then [List.Rules:Wordlist_elite] would be the section used. ---incremental[=MODE] "incremental" mode [using section MODE] +--incremental[=MODE] "incremental" mode [using section MODE] Enables the "incremental" mode, using the specified configuration file definition (section [Incremental:MODE], or [Incremental:All] by default except for LM hashes for which the default is [Incremental:LanMan]). ---external=MODE external mode or word filter +--external=MODE external mode or word filter Enables an external mode, using external functions defined in section [List.External:MODE]. ---stdout[=LENGTH] just output candidate passwords +--stdout[=LENGTH] just output candidate passwords When used with a cracking mode, except for "single crack", makes John output the candidate passwords it generates to stdout instead of @@ -84,12 +84,12 @@ specified when this option is used. If a LENGTH is given, John assumes that to be the significant password length and only produces passwords up to that length. ---restore[=NAME] restore an interrupted session +--restore[=NAME] restore an interrupted session Continues an interrupted cracking session, reading state information from the specified session file or from $JOHN/john.rec by default. ---session=NAME give a new session the NAME +--session=NAME give a new session the NAME This option can only be used when starting a new cracking session and its purpose is to give the new session a name (to which John will @@ -99,14 +99,14 @@ able to later recover a session other than the last one you interrupt. john.log file will also be named NAME.log (whatever 'NAME' is), so that any logging of the session work will end up in this file. ---status[=NAME] print status of a session [called NAME] +--status[=NAME] print status of a session [called NAME] Prints status of an interrupted or running session. Note that on a Unix-like system, you can get a detached running session to update its session file by sending a SIGHUP to the appropriate "john" process; then use this option to read in and display the status. ---make-charset=FILE make a charset, overwriting FILE +--make-charset=FILE make a charset, overwriting FILE Generates a charset file based on character frequencies from $JOHN/john.pot, for use with the "incremental" mode. The entire @@ -116,7 +116,7 @@ may restrict the set of passwords used by specifying some password files password files will be used), "--format", or/and "--external" (with an external mode that defines a filter() function). ---show[=left] show cracked passwords +--show[=left] show cracked passwords Shows the cracked passwords for given password files (which you must specify). You can use this option while another instance of John is @@ -125,32 +125,32 @@ information, first send a SIGHUP to the appropriate "john" process. if --show=left then all uncracked hashes are listed (in a john 'input' file format way). =left is just that literal string "=left". ---test[=TIME] run tests and benchmarks for TIME seconds each +--test[=TIME] run tests and benchmarks for TIME seconds each Tests all of the compiled in hashing algorithms for proper operation and benchmarks them. The "--format" option can be used to restrict this to a specific algorithm. Using --test=0 will do a very quick self-test but will not produce usable speed figures. ---users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) +--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) Allows you to select just a few accounts for cracking or for other operations. A dash before the list can be used to invert the check (that is, load information for all the accounts that are not listed). ---groups=[-]GID[,..] load users [not] of this (these) group(s) +--groups=[-]GID[,..] load users [not] of this (these) group(s) Tells John to load (or to not load) information for accounts in the specified group(s) only. ---shells=[-]SHELL[,..] load users with[out] this (these) shell(s) +--shells=[-]SHELL[,..] load users with[out] this (these) shell(s) This option is useful to load accounts with a valid shell only or to not load accounts with a bad shell. You can omit the path before a shell name, so "--shells=csh" will match both "/bin/csh" and "/usr/bin/csh", while "--shells=/bin/csh" will only match "/bin/csh". ---salts=[-]COUNT[:MAX] load salts with[out] at least COUNT passwords +--salts=[-]COUNT[:MAX] load salts with[out] at least COUNT passwords This is a feature which allows to achieve better performance in some special cases. For example, you can crack only some salts using @@ -161,12 +161,12 @@ loaded where there are more than MAX salts. This is so that if you have run --salts=25 and then later can run --salts=10:24 and none of the hashes that were already done from the --salts=25 will be re-done. ---pot=NAME pot filename to use +--pot=NAME pot filename to use By default, john will use john.pot. This override allows using a different john.pot-like file (to start from, and to store any found password into). ---format=NAME force hash type NAME +--format=NAME force hash type NAME Allows you to override the hash type detection. Currently, valid "format names" are DES, BSDI, MD5, BF, AFS, LM, and crypt (and many more @@ -204,9 +204,10 @@ cracked) for hashes of the "faster" types (as compared to the "slower" ones loaded for cracking at the same time). So you are advised to use separate invocations of John, one per hash type. ---list=subformats displays all the built-in dynamic formats, and exits +--list=subformats displays all the built-in dynamic formats, + and exits ---save-memory=LEVEL enable memory saving, at LEVEL 1..3 +--save-memory=LEVEL enable memory saving, at LEVEL 1..3 You might need this option if you don't have enough memory or don't want John to affect other processes too much. Level 1 tells John to @@ -216,7 +217,7 @@ impact is that you won't see the login names while cracking. Higher memory saving levels have a performance impact; you should probably avoid using them unless John doesn't work or gets into swap otherwise. ---mem-file-size=SIZE max size of wordlist to preload into memory +--mem-file-size=SIZE max. size of wordlist to preload into memory One of the significant performance improvements for some builds of john, is preloading the wordlist file into memory, instead of reading @@ -227,7 +228,7 @@ will force loading to memory regardless of file size (take care not to exceed your physical memory limits, or things will just run much slower). NOTE if --save-memory is used, preload will be disabled. ---field-separator-char=c Use 'c' instead of the char ':' +--field-separator-char=c Use 'c' instead of the char ':' By design, john works with most files, as 'tokenized' files. The field separator used by john is the colon ':' character. However, there are @@ -245,7 +246,7 @@ represented by the keyboard, then the format of --field-separator-char=\xHH can be used. --field-separator-char=\x1F would represent the character right before the space (space is 0x20) ---fix-state-delay=N only determine the wordlist offset every N times +--fix-state-delay=N only determine the wordlist offset every N times This is an optimization which helps on some systems. This just limits the number of times that the ftell() call is performed. @@ -253,7 +254,7 @@ The one side effect, is that if john is aborted, and restarted, it may redo more tests. Thus, the use of this option is only acceptable and desirable for fast hash types (e.g., raw MD5). ---nolog turns off john.log file +--nolog turns off john.log file This will turn off creation, or updating to the john.log file (which may have a different name if the --session=NAME flag was used.) Often the @@ -263,12 +264,12 @@ is often used to check what work has been done, but if this will not be needed, and the log file is simply going to be deleted when done, then running in --nolog mode may be used. ---crack-status show status line on every crack +--crack-status show status line on every crack This will automagically emit a status line at every cracked password. This is mostly for testing. ---mkpc=N force min/max keys per crypt to N +--mkpc=N force min/max keys per crypt to N This option is for certain kinds of testing and is not mentioned in the usage blob. Many formats perform the crypts in batches of several (sometimes @@ -278,38 +279,43 @@ example is for studying which rules give most "hits": Without this options, you can't know for sure which rule produced a successful guess when analyzing the log file. ---list=WHAT list capabilities +--list=WHAT list capabilities This option can be used to gain information about what rules, modes etc are available. Use --list=? for a list of valid arguments. For example, the now deprecated --subformat=LIST is now --list=subformats. The different variants of list externals may be worth mentioning: ---list=externals list all external modes/filters ---list=ext-modes list external modes [has a generate()] ---list=ext-filters list external filters, including modes with a filter ---list=ext-filters-only list external filters [lacks a generate()] ---list=formats list all the supported formats in the sequence they - are registered (this is also the sequence that will - be used to identify the first format which detects - a valid ciphertext (password hash) in the input file - if john is started without the --format=NAME option) ---list=format-details list all the suported formats in the same sequence as - with --list=formats, but with additional details - -format label - this is to be used as NAME in --format=NAME - -maximum supported password length in bytes - for performance reasond, the maximum length - supported by John the Ripper can be shorter than - the maximum length supported by the application - which uses this format - -minimum keys per crypt - -maximum keys per crypt - -format flags - -number of hard coded test cases for --test - -algorithm name - -format name - (the individual columns are separated by [tab]) +--list=externals list all external modes/filters +--list=ext-modes list external modes [has a generate()] +--list=ext-filters list external filters, including modes with a filter +--list=ext-filters-only list external filters [lacks a generate()] +--list=formats list all the supported formats in the sequence they + are registered (this is also the sequence that will + be used to identify the first format which detects + a valid ciphertext (password hash) in the input file + if john is started without the --format=NAME option) +--list=format-details list all the suported formats in the same sequence as + with --list=formats, but with additional details + (wich might be more interesting for developers than + for regular users), intended to be parsed automatically + -format label + this is to be used as NAME in --format=NAME + -maximum supported password length in bytes + for performance reasond, the maximum length + supported by John the Ripper can be shorter than + the maximum length supported by the application + which uses this format + -minimum keys per crypt + -maximum keys per crypt + -format flags + -number of hard coded test cases for --test + -algorithm name + -format name + (the individual columns are separated by [tab]) +--list=format-all-details list all the suported formats and their attributes + in the same sequence as with --list=format-details, + but in a more descriptive form readable by humans --regen-lost-salts=N Try to find password AND salt in a set of raw hashes. diff --git a/src/john.c b/src/john.c index 35d598e..8e3ce71 100644 --- a/src/john.c +++ b/src/john.c @@ -571,8 +571,9 @@ static void john_init(char *name, int argc, char **argv) if (options.listconf && !strcasecmp(options.listconf, "?")) { - puts("subformats, inc-modes, rules, externals, ext-filters, ext-filters-only,"); - puts("ext-modes, build-info, hidden-options, encodings, formats, format-details,"); + puts("subformats, inc-modes, rules, externals, ext-filters, ext-filters-only, "); + puts("ext-modes, build-info, hidden-options, encodings, formats, format-details, "); + puts("format-all-details, "); #ifdef CL_VERSION_1_0 printf("opencl-devices, "); #endif @@ -796,6 +797,43 @@ static void john_init(char *name, int argc, char **argv) } while ((format = format->next)); exit(0); } + if (options.listconf && + !strcasecmp(options.listconf, "format-all-details")) { + struct fmt_main *format; + format = fmt_list; + do { + int ntests = 0; + + if(format->params.tests) { + while (format->params.tests[ntests++].ciphertext); + ntests--; + } + /* + * attributes should be printed in the same sequence + * as with format-details, but human-readable + */ + printf("Format label \t%s\n", format->params.label); + printf("Max. password length in bytes \t%d\n", format->params.plaintext_length); + printf("Min. keys per crypt \t%d\n", format->params.min_keys_per_crypt); + printf("Max. keys per crypt \t%d\n", format->params.max_keys_per_crypt); + printf("Flags\n"); + printf(" Case sensitive \t%s\n", (format->params.flags & FMT_CASE) ? "yes" : "no"); + printf(" 8-bit \t%s\n", (format->params.flags & FMT_8_BIT) ? "yes" : "no"); + printf(" Converts 8859-1 (to unicode)\t%s\n", (format->params.flags & FMT_UNICODE) ? "yes" : "no"); + printf(" Honours --encoding=utf8 \t%s\n", (format->params.flags & FMT_UTF8) ? "yes" : "no"); + printf(" False positives possible \t%s\n", (format->params.flags & FMT_NOT_EXACT) ? "yes" : "no"); + printf(" Uses bitslice implementation\t%s\n", (format->params.flags & FMT_BS) ? "yes" : "no"); + printf(" split() unifies case \t%s\n", (format->params.flags & FMT_SPLIT_UNIFIES_CASE) ? "yes" : "no"); +#ifdef _OPENMP + printf(" Parallelized with OpenMP \t%s\n", (format->params.flags & FMT_OMP) ? "yes" : "no"); +#endif + printf("Number of test cases for --test \t%d\n", ntests); + printf("Algorithm name \t%s\n", format->params.algorithm_name); + printf("Format name \t%s\n", format->params.format_name); + printf("\n"); + } while ((format = format->next)); + exit(0); + } /* --list last resort: list subsections of any john.conf section name */ if (options.listconf) { -- 1.7.7.6