Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 7 May 2016 21:30:00 -0400
From: Matt Weir <cweir@...edu>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Status of session when using -pipe and -stdin

Thanks for the reply! I agree with your assessment, but unfortunately
getting the pid of john automatically into the script is difficult. At that
point, it's easier just to do the ./john -status in a different window. I
was hoping there might be some sort of control character I could send via
stdin that would prompt john to display a status. For example if
'THIS_IS_A_JTR_STATUS_REQUEST' encoded in UTF-8, (or some truely
weird/custom UTF-16 character combo), is sent then display a status output.
Since that's unlikely to represent a real password it hopefully wouldn't
negatively impact real cracking sessions.

That being said, I think the use case of such a feature is pretty small and
it does have the potential to impact real cracking sessions, (at least from
a speed perspective if nothing else), so if it doesn't already exist I'd
probably argue against adding it. It was just something that's been bugging
me for a bit so I figured I'd ask. A simple workaround on my part would be
to pass the john cracking session name in to the script as an argument and
then have it call ./john -status directly.

Thanks again,
Matt

On Sat, May 7, 2016 at 1:04 PM, jfoug <jfoug@...nwall.net> wrote:

> On 5/7/2016 11:12 AM, Matt Weir wrote:
>
>> I frequently run other scipts and feed the input into John using the -pipe
>> or -stdin options. If I want to get the status of the cracking session
>> normally I just run in another terminal
>>
>> ./john -status -session=blah
>>
>> What I was wondering was if there was a way to have the script i'm running
>> send JtR a special value to have the running session of JtR print out a
>> status output.
>>
>> Aka if I'm running
>>
>> ./myscript.sh | ./john -stdin -format=raw-md5 password_list.txt
>>
>> and I hit <enter>, the output would be
>>
>> <Output from myscript.sh>
>> <Status output from JtR>
>>
>> That way anyone else using myscript.sh could get status output from both
>> programs without having to open up another terminal.
>>
>
> The only way I see of doing this, is to get that signal that you want the
> status in your script (catch the <enter>) and then do a kill -SIGUSR1 to
> the pid of john.  John does not have connection to a tty in this case (when
> it is a filter), so it is not able to monitor keystrokes like it does when
> simply launched from the shell.  Since your script is the owner of the tty,
> then it will have to take over duties of that, and relay them to the john
> instance (such as using the kill command to send it a signal).
>
> Others may think of a more elegant solution, but that is about all I can
> see right off.
>
> --
> Community volunteer for John the Ripper project.
>
>
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.