Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 22 Mar 2016 12:47:43 +0000 (UTC)
From: JimF <jfoug@...nwall.net>
To: john-users@...ts.openwall.com
Subject: Re: Hashcat-style 

magnum <john.magnum@...> writes:
> I had a look at implementing what Hashcat describes like this:
> 
> Ascii increment	+N	Increment character  <at>  N by 1 ascii value
> Ascii decrement	-N	Decrement character  <at>  N by 1 ascii value
> 
> The code for doing this is totally trivial but there are other caveats:
> 
> * The '+' is already used for concatenation of Single mode pairs.
> * The '-' at the beginning of line will be parsed as an invalid rule-reject.
> 
> Despite this I managed to implement them like this: The '+' will only mean
"increment ASCII" if we did not use
> a '1' or '2' command first. And if you want to place '-N' in the start of
a line, you can prepend a no-op 'M' to
> protect it from being parsed as a rule-reject. But this was mostly for
trying it out, I don't think this is
> satisfactory. If nothing else, I'd actually like to use this *with* Single
mode pair words.
> 
> There's also the question how to handle an incremented \xFF. Hashcat will
gladly increment it to a zero but
> this will be an actual \x00 possibly in the middle of the word, while JtR
would truncate the word at that
> point. IMO we could just leave this as it happens to end up.

I know this was message was a bit old (that is why I appended most of the 
original message), and that there never was a reply to it.  

I have opened an issue request for a new feature for bleeding, to try to get
some specific HC only rules added to john.  

https://github.com/magnumripper/JohnTheRipper/issues/2095

There are more rules than just the 2 listed here. Several which I think look
very powerful.  All should be trivial to add to the existing rule set, with
the exception of these 2 (the + and -), but as Magnum has mentioned,
actually adding the + and - is not all that hard.  There may be a case or 2
that can not be handled, but those cases should pretty few.


Magnum noted that before starting anything on this, that it should be
brought to the ML first, and I do agree, since this is a change to default
behavior.

Jim.



Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.