Date: Wed, 15 Jul 2015 17:43:02 +0300 From: Aleksey Cherepanov <lyosha@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: Default attack format On Wed, Jul 15, 2015 at 04:33:57PM +0200, magnum wrote: > On 2015-07-15 16:00, Shinnok wrote: > >Is there a method to find out which format will John attack by > >default for a given password file, for either core or jumbo? We are > >in the process of sorting out the format confusion for Johnny and we > >need to figure out what to do for the default format case. > > > >https://github.com/shinnok/johnny/issues/61 > > I believe the ultimate answer is "the first format that was registered [as > in fmt_register()] who's valid() doesn't reject all hashes in the file". > > For example, LM and various NT alternatives will accept hashes in pwdump > format. LM is registered before NT, so LM wins. I think this is true even > for files that eg. contain both LM and NT and where all uncracked ones are > the latter. It will still pick LM, and say all (of them) were cracked. > > The output of --list=formats is currently in register order. > > However, what you need is more like a pre-diagnose for a given file. Not > sure how you should go about that. There are workarounds: For example, > background a `john -stdin hashfile <<< ""` and track the output. This has > the side-effect you will never miss to crack an empty password. I think --show=types could do the job: the first format in the first line with 1+ formats listed is the default one. But it is in jumbo only. Thanks! -- Regards, Aleksey Cherepanov
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.