Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 Nov 2015 03:38:12 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: hash type identification

Hi,

We have built-in hash type autodetection in JtR: when invoked without a
--format option, yet given file(s) with at least one valid-looking hash
encoding, JtR will print the detected hash types and their corresponding
--format options.

In jumbo, I think there are additional ways to query this information,
for scripting around JtR, but I am not familiar with this.  Frank,
Alexander Cherepanov - maybe you'd comment on this?  And maybe we need
to make this easier to find and use?

Somehow people are developing scripts like this:

http://www.smeegesec.com/2013/11/hashtag-password-hash-identification.html
https://github.com/sam-b/HashData
https://code.google.com/p/hash-identifier/
https://github.com/JoeGlancy/whatisit

The latest one of these is just a day old.  I wonder what causes this.
Do people feel there's functionality missing?  Or do they prefer a
pure scripting language solution, without a dependency on JtR?

There are also web pages like:

http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats

and we have some of our own, linked from the /john summary page:

http://openwall.info/wiki/john/sample-hashes
http://openwall.info/wiki/john/sample-non-hashes

and not linked from anywhere on the wiki itself, yet somehow found by
the author of "whatisit":

http://openwall.info/wiki/john/hash-formats

To me, the hash-formats wiki page doesn't make much sense: it starts by
describing the file format, and proceeds with detail on a weird subset
of the hash types.  I think it'd make more sense to have a wiki page on
the file format only, with links to the sample (non-)hash pages.  Maybe
one (or more) of us will correct this.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.