Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 10 May 2015 00:23:22 +0200
From: Marek Wrzosek <marek.wrzosek@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: bleeding-jumbo - How case and alpha options of regex, mode suppose
 to work?

> On 2015-05-08 23:13, Marek Wrzosek wrote:
>> Hi
>>
>> How case and alpha options suppose to work?
>> In standalone regex mode command line:
> (...)
>> =alpha option for leet, leet2 and leet3 parameters is working as
>> expected, but need =case option to work with leet2_case and leet3_case
>> alphabets. With leet+c =alpha option does not need =case option. And of
>> course there is no leet_case alphabet in regex_alphabets.conf file.
>>
>> Maybe someone should revise README.librexgen file.
>> Undocumented - it's a bug, documented it'll be feature ;-)
> 
> I have no time to look into this right now but from what you wrote so 
> far I guess we have a bug in regex mode, possibly caused by changes the 
> API. I haven't tried this cracking mode since JimF introduced it. Jim 
> himself is apparently occupied with something else right now, and anyway 
> he lost faith in rexgen when the API changed under our feet without 
> notice. I'm afraid this might end (worst case) with us dropping regex 
> mode sooner or later.
> 
> Anyway, thank you for reporting. If you get some clues or info from Jan 
> Starke (author of rexgen) or find out something else of importance, 
> please report this here as well. I may have time to give this a quick 
> look within a week or so.
> 
> magnum

Hi

It seems that most of bugs is rexgen/librexgen related, but one is from
john's side, I think. That one with missing ']' character between \0 and
the rest of string.
If we name "(?i:foo\0" a prefix version of command and "\0(?i:bar)" a
postfix version, than rexgen has problem with both of them, but
librexgen only with prefix one.
$ rexgen [pP][aA]|rexgen -f - "(?i:y|n)\0(?i:y|n)"
ypay
Ypay
npay
Npay
paY
npaY
NpaY
pan
npan
Npan
paN
npaN
NpaN
Pa
nPa
NPa
Pan
nPan
NPan
PaN
nPaN
NPaN
pA
npA
NpA
pAn
npAn
NpAn
pAN
npAN
NpAN
PA
nPA
NPA
PAn
nPAn
NPAn
PAN
nPAN
NPAN

$ echo "pa"|./john --stdin --regex=case=alpha:case="(?i:y|n)\0](?i:y|n)"
--stdout
buf=[pP][aA]
ypay
Ypay
npay
Npay
Pay
nPay
NPay
pAy
npAy
NpAy
PAy
nPAy
NPAy
paY
npaY
NpaY
PaY
nPaY
NPaY
pAY
npAY
NpAY
PAY
nPAY
NPAY
pan
npan
Npan
Pan
nPan
NPan
pAn
npAn
NpAn
PAn
nPAn
NPAn
paN
npaN
NpaN
PaN
nPaN
NPaN
pAN
npAN
NpAN
PAN
nPAN
NPAN
49p 0:00:00:00 0.00% 288.2p/s NPAN

Other thing can be solved by rewriting README.librexgen file. Manual for
rexgen is very helpful.
I send a mail to Jan Starke about bugs in rexgen and librexgen.
Regex is great as post-processing of password candidates and is much
easier an faster to write regex option on command line than write rules
in john.conf.

Bests

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.