Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 26 Feb 2011 14:44:40 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Password file hash type analysis in JtR

On Mon, Jan 24, 2011 at 08:01:45PM -0500, Robert Harris wrote:
> Potential new output:
> 
> The following password hash format(s) was/were discovered in the input file
> <file>:
> 
> <format1>
> 
> <format2>
> 
> ...
> 
> <formatx>

This has been on my to-do for ages, and I've just implemented it for the
upcoming 1.7.7.  The current output is:

$ ./john pw-fake-unix
Warning: only loading hashes of type "des", but also saw type "bsdi"
Warning: only loading hashes of type "des", but also saw type "md5"
Warning: only loading hashes of type "des", but also saw type "bf"
Loaded 3269 password hashes with 2243 different salts (Traditional DES [64/64 BS MMX])
Remaining 3026 password hashes with 2073 different salts
pianoman         (u2508-des)
kirk             (u1154-des)
[...]
swordfis         (u2757-bigcrypt:1)
[...]
chiara           (u1852-des)
christop         (u1861-des)
guesses: 127  time: 0:00:00:00 0% (1)  c/s: 120242  trying: pianoman - people
Passwords printed while cracking might be partial
Use the "--show" option to display all of the cracked passwords reliably
Session aborted

As you can see, it became a lot more verbose - maybe too verbose even?
Comments are welcome.

The detection/reporting of other hash types is currently only
implemented when the "--format" option is not specified.  It is assumed
that the person using "--format" is already aware of what hash types
they have.  This provides a way to avoid the performance overhead of
detection of other hash types.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.