Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 8 May 2016 11:46:35 -0400
From: Matt Weir <cweir@...edu>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Using --show with older pot files

>> Are you seeing this with formats other than dynamic?

I'll admit, my old pot files I'm using are almost 100% raw-md5 so that's
the only one I've noticed it on.

Matt

On Sun, May 8, 2016 at 5:13 AM, magnum <john.magnum@...hmail.com> wrote:

> On 2016-05-08 03:20, Matt Weir wrote:
>
>> I have a number of old pot files. When using them in a new cracking
>> session
>> they work great and john doesn't try to re-crack old passwords. I
>> encounter
>> problems though when I use the -show option to see how many passwords are
>> cracked. Note, this is using bleeding john.
>>
>> '--show=left' works as expected with old pot files. Old hashes are matched
>> as having cracked passwords in the list
>>
>> '--show' only shows passwords cracked with newer cracking sessions, not
>> ones cracked under the older style pot files.
>>
>> For example, assume the following pot file, (hashes x'd out)
>>
>> XXXXXXXXXXXXXXXXXXXXXXX:password1
>>
>> $dynamic_0$XXXXXXXXXXXXXXXXXXXXX:password2
>>
>> If I run ./john -show target_list
>>
>> 2:password2
>>
>> 1 password hashes cracked, 1 left
>>
>> Even though password1 is in my cracked list and target list. Aka if it
>> doesn't have the $hashtype$ in front it doesn't work with the --show
>> option.
>>
>
> Are you seeing this with formats other than dynamic? We probably have
> several formats with this problem but anyway it's a per-format issue (and
> many formats, especially non-hashes, are not supposed to recognize bare
> hashes anyway). It's usually a result of using prepare() for things that
> should be put in split():
>
> https://github.com/magnumripper/JohnTheRipper/wiki/split()-vs.-prepare()
>
> We should basically only use prepare() for its initial reason to exist,
> namely for reading other input fields than the ciphertext. Good examples
> are for reading pwdump or l0pthcrack formats.
>
> magnum
>
>

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.