Date: Wed, 3 Feb 2010 12:29:16 -0600 From: Minga Minga <mingakore@...il.com> To: john-users@...ts.openwall.com Subject: Feature Requests for JtR All, Ive had a few ideas I'd like to toss around about some ideas of new features I'd like to see in JtR. These are on my "TODO" list, but the amount of time I have to hack source right now is quite limited. I thought someone else might be interested, or have opinions about them. I have ways around all the items below, I just wanted people to know some things Ive run up against while running over 100 john processes at once. 1) --nolog (do not create .log file). I find myself filling up partitions with .log files for some complex rules. Sometimes I don't need a .log file - and have to program in 'rm session123.log' into my automation scripts. It would be nice to only create .rec (session) files - but no .log files. Im aware - some people WANT .log files - so a command line option makes sense (or maybe an entry in john.conf ? ). Do you all USE .log files for something? Is there something I SHOULD be doing with my .log files? Because I just deleted a 400 MEG .log file without looking at it ;) 2) Random Session/.rec file names. If a JtR instance is started and the default .rec session filename is already created - it would be nice in some cases if a "random" session (file)name was created automatically for the user. (I tried to change the source to do this - and failed. But it looks 'easy' to do - if you aren't out of practice): Some ideas I've had on this: a) session file name could be [passwd_filename]-[ruleset_specified]-date.rec such as pwdump-wordlist-02022010.rec or shadow-nt-02022010.rec or ciscohashes-KoreRulesAppendJustNumbers-02022010.rec b) Just "random" filenames. Maybe based on md5 of filename or something? Maybe a command line option to automatically create a random session filename instead of just using the default. This might not be ideal for all users - but some of us would love it ;) john --random-session pwdump.txt (for example). 3) Command line option to specify which john.conf to use. Same idea as "--pot=NAME pot file to use" But allow the user to specify which john.conf file to use on the command line (is this already possible?? - Am I missing something?). ESPECIALLY useful with --external:parallel Currently, I have to use 'sed' to manipulate values in the --external:parallel when I want to automate the process. I then overwrite john.conf - launch the process - then RE-generate another john.conf and this process repeats over and over again. It gets a bit annoying with 100 cores across multiple systems - because I have to 'scp' john.conf s everytime I want to start a new process. It would be nice if there was --conf=NAME option that would allow me to specify which john.conf file to use. And I could distribute the john.conf's ahead of time to all the systems. Imagine a system with 16 cores? and they all have to use the same john.conf FILENAME. What if I want to CNTL-C and the '--restore' at a later time? Beginner users would have no use for this, I understand that. But it would make automation on a large scale much easier for me/us/you. ;) Yes, I already know other ways around this. Yes, I know there are different ways to approach this. Yes, Im aware that I could do XXX or YYY thats not what Im looking for. Im looking for '--conf=NAME' ---------------------------------- Question / Problem / Feature Request ---------------------------------- X) I really LOVE the new ETA functionality. Is there a way already (or can there be a way) to ask 'john' what the ETA is for a set of wordlist and rule and get an answer with out having to either CNTL-C a process or hit a key while its running? (Im aware thats not how ETA works... please keep reading). (Thats poorly worded, here is the problem): I have about 30 very complex rules I have written (and will be announcing here soon) - I also have approx. 50 wordlist files I want to use. I want to run all 30 sets of rules - on all 50 word lists. And I'd like to be able to know how long each of them will take to run. It would be NICE to know the ETA of a rule/wordlist combination ahead of time. (I know there is *NO* way to get a precise time - I just need a VERY rough estimate). The goal of which - would be to run the fastest rules/wordlist combinations first. Right now, I am just guessing at the priority - but if there was a way 'john' could TELL me which combinations have the least amount of possible passwords, that would be helpful. Im aware thats not how ETA works - and that it changes over time. Is there another way to do this besides ETA? Does -test already do this in conjunction with user-specified wordlist/rules ? If not ETA - then something like x=(Lines in wordlist*amount of rule combinations) I dont need the output to be 100% accurate - just an IDEA of what rule/wordlist combinations are fast - and which are slow. I am currently doing this by hand - and its doable. But in the future I will will have like 500 wordlists - and 100+ rules. Eventually, it will NOT be doable by hand. Any ideas? -Minga KoreLogic
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.