Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 23:07:16 +0200
From: magnum <>
Subject: Re: [Suspected Junk Mail] JTR rules log?

On 2014-04-15 22:58, -.-PhanTom-.- wrote:
> I was thinking if it was possible to add the functionality to JTR that
> outputs a second log file, which essentially lists the rules used in an
> attack and counts how many passwords each rules decrypted? (And perhaps
> also list the rules that were rejected.)
> ideally with an option to specify the sort option for the output, to
> either sort by rule "name" or the count of decrypted passes

The current log file basically does shos all of that. Except for one 
thing: If your format loads eg. 1024 hashes at a time and cracks them in 
parallel, those 1024 rules might span several rules. The log file 
illustrates this, best-effort, using wording like "last rule currently 
in use" at times.

To get it more exact than that, we'd need to sacrifice performance. And 
actually I did add such an option to Jumbo years ago. With some (or a 
lot of) performance penalty, you can get a 1:1 mapping in the log file 
using the option "--mkpc=1". You probably also want to set 
LogCrackedPasswords=Y in john.conf.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.