Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 1 Mar 2010 04:01:58 +0300
From: Solar Designer <>
Subject: Re: Special character (like TAB) in rules

On Fri, Feb 26, 2010 at 09:12:16AM +0100, Magnum, P.I. wrote:
> Is there a way to specify specific non-printables in rules? Say I want 
> to prepend a TAB, or match a TAB and replace with a BEL, just as 
> examples. The documentation does not mention any way to do this.

There's no JtR-specific way to do it.  You may embed those characters in
the config file literally if your text editor permits you to do so - e.g.,
in VIM to enter a TAB you simply press the Tab key, and to enter a BEL
you may press Ctrl-V Ctrl-G.  I understand that this is not pretty.
Also, it won't work for CR, LF, and NUL, because they will affect the
config file parsing (and more).

> In external modes, I can use 0x09 of course.
> A generic way to specify *any* non-printable, like \x09 or something to 
> that effect, would be very usable.

OK, I've added your request to my ever-growing to-do list.  I think
people might also find this useful to specify 8-bit and utf-8 characters
when their native character set is different - e.g., I might have my
terminal and keyboard layout configured for koi8-r, yet have some of the
rules append iso-8859-1 characters.

> I thought of placing this 
> functionality in the preprocessor but keep in mind you may want to use 
> it in a PP list (like [0-9\x09] for digits + TAB) too.

That's precisely the reason to have it in the preprocessor and not
somewhere else.

> Or even a CR or LF for that matter.

That's tricky.  Perhaps the new escape sequence will allow you to
specify those characters without affecting the config file parsing, but
if you get a password cracked with one or both of those characters it
will violate the john.pot file format.  So a certain escaping mechanism
would need to be introduced into the john.pot file format before it
possibly becomes reasonable to include those control characters in
candidate passwords.

> I haven't looked into it yet, any comments off the top of your head?

I doubt that you'd crack many passwords with non-printable characters.
You could start by embedding the characters literally (as I explained
above) and/or by adjusting the DumbForce external mode sample to include
control characters and using that.



Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.