Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 May 2015 22:54:51 +0300
From: Aleksey Cherepanov <>
Subject: Re: Re: displaying full meta information about hashes
 with --show=types

On Wed, May 13, 2015 at 08:55:45PM +0200, magnum wrote:
> On 2015-05-13 19:37, Aleksey Cherepanov wrote:
> >On Sun, May 10, 2015 at 09:43:45PM +0300, Aleksey Cherepanov wrote:
> >>I implemented --show=types option that prints all meta information
> >>about hashes from file. It tries all formats against all hashes and
> >>prints result in machine parseable format. It applies even formats
> >>that are disabled. It tries generic crypt always. It respects
> >>--format= option. It does not bypass john's heuristics for generic
> >>crypt.
> Pardon me for not following but what is this for again? Some functionality
> in Johnny?

It makes some aspects of interaction with john much easier:
1) it lists all possible formats for _each_ input line (It extends
suggestion warnings to all lines),
2) it prints canonical hashes for each input line in each possible
3) the output format is machine parseable. I tried to make it

It is useful for Johnny. It is useful for tools we use in contests to
manage hashes.

> >--bare-always-valid=Y and the setting work only if a hash on the first
> >line is bare.
> This is probably a bug. I recall having problems with this and this might be
> it.
> >1) if prepared hash is not equal to contents of ciphertext variable,
> >then printed information is about the input line, not about particular
> >field. A parser may find the input line by number. I hope I print 1
> >line for each input line (I am not sure though).
> What about split hashes, for example LM?

It prints all parts in a raw.

> Hmm and what if there was an NT
> hash as well?

It prints NT on the same line. Though the hash is not a canonical pair
to hash in the second field. Hashes in pwdump format are not tried
against all formats. pwdump format is special (maybe l0phtcrack-style
files are special too).

> Are you printing three lines?

I print 1 line.

> Or are they separated per
> format? I guess I should just try your patch..


> >I am going to prepare pull request. A patch is attached.
> +        /* TODO: Should john_main_process be checked? */
> +	if (db_opts->showtypes) {
> +		/* TODO: Do we need to print 'source' var? */
> +		/* TODO: Forbid --salt= and --cost= selectors. */
> +
> IMHO, the Jumbo source code is not an appropriate place for your action
> lists. And the core files are the worst of the worst places to put them.

Ok, I'll remove them.

I did not look on TODOs like on action list. For me, they are more
like documentation for defects in code.


Aleksey Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.