Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20150510234027.GA28403@openwall.com>
Date: Mon, 11 May 2015 02:40:27 +0300
From: Aleksey Cherepanov <lyosha@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: displaying full meta information about hashes with
 --show=types

On Sun, May 10, 2015 at 11:32:52PM +0300, Alexander Cherepanov wrote:
> On 2015-05-10 21:43, Aleksey Cherepanov wrote:
> >I implemented --show=types option that prints all meta information
> >about hashes from file. It tries all formats against all hashes and
> >prints result in machine parseable format. It applies even formats
> >that are disabled. It tries generic crypt always. It respects
> >--format= option. It does not bypass john's heuristics for generic
> >crypt.
> 
> Cool, it will be useful in scripts for sorting and converting hashes.

It should be useful for Johnny too.

While I intended to make code that prints something for each line of
input file, the code skips bare lines of length < 13 when they consist
of letters.

Fro instance: abcdefghijkl

These are loaded:
1234567890
abcdefghijklm - loaded and validated as crypt: abcdefghijklm
abcdefghijklmo

Loading of the line with : at the beginning works:
:abcdefghijk
:abcdefghijkl


The code responsible for the skipping:

	fields[0] = *login = ldr_get_field(&line, db_opts->field_sep_char);
	fields[1] = *ciphertext = ldr_get_field(&line, db_opts->field_sep_char);

/* Check for NIS stuff */
	if ((!strcmp(*login, "+") || !strncmp(*login, "+@", 2)) &&
	    strlen(*ciphertext) < 10 && strncmp(*ciphertext, "$dummy$", 7)
	    && strncmp(*ciphertext, "$0$", 3))
		return 0;

	if (!**ciphertext && !line) {
/* Possible hash on a line on its own (no colons) */
		char *p = *login;
/* Skip leading and trailing whitespace */
		while (*p == ' ' || *p == '\t') p++;
		*ciphertext = p;
		p += strlen(p) - 1;
		while (p > *ciphertext && (*p == ' ' || *p == '\t')) p--;
		p++;
/* Some valid dummy or plaintext hashes may be shorter than 10 characters,
 * so don't subject them to the length checks. */
		if (strncmp(*ciphertext, "$dummy$", 7) &&
		    strncmp(*ciphertext, "$0$", 3) &&
		    p - *ciphertext != 10 /* not tripcode */) {
/* Check for a special case: possibly a traditional crypt(3) hash with
 * whitespace in its invalid salt.  Only support such hashes at the very start
 * of a line (no leading whitespace other than the invalid salt). */
			if (p - *ciphertext == 11 && *ciphertext - *login == 2)
				(*ciphertext)--;
			if (p - *ciphertext == 12 && *ciphertext - *login == 1)
				(*ciphertext)--;
			if (p - *ciphertext < 13)
				return 0;
		}
		*p = 0;
		fields[0] = *login = no_username;
		fields[1] = *ciphertext;
	}

I am not sure what to do. You see 2 return statements here. There are
3 more before my code, they do not need to be handled specially.

	if (ldr_check_list(db_opts->users, *login, *uid)) return 0;
	if (ldr_check_list(db_opts->groups, gid, gid)) return 0;
	if (ldr_check_shells(db_opts->shells, shell)) return 0;

While the first 2 'return' statements may be extended to print the
line to be skipped in --show=types mode before exit.

Thanks!

-- 
Regards,
Aleksey Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.