Date: Wed, 14 Sep 2016 17:02:02 +0200 From: patpro@...pro.net To: john-users@...ts.openwall.com Subject: Re: Error: wordlist contains NULL bytes - aborting On 14 sept. 2016, at 16:49, jfoug <jfoug@...nwall.net> wrote: > On 9/14/2016 9:11 AM, patpro@...pro.net wrote: >> Remove the 2 lines with these passwords: >>>  >>> [4000646f6232] >>> >>> and the null problems will go away. >> Thank you for the tip. My question is a little bit wider though: is there any way for john to handle passwords with null character? Are those password just artifacts (from a hacking attempt for example), or could they be legitimate? >> > Here is another couple 'fun' ones for john: > > [310d316e6b61] > [326d610d6b61] > [3174650d6b61] > > These have a carriage return in them (the 0d). There are 3 characters which are very hard to deal with in JtR. That is \x00 (null), \x0a and \x0d (line feed and carriage return). Also, the ':' can be tough in certain situations (but is not a problem for an input wordlist). The \x0a and \x0d 'can' be handled in wordlist (using rules, external or mask). I am not sure if john can (or ever will) be able to handle a null byte. It may be that we can handle them with mask mode, I am not sure. It will almost certainly never be able to handle embedded null bytes in wordlist mode thanks a lot for those informations, and for the test on mask mode. Looks like hashcat is a nice complement to john when we deal with very odd passwords. Too bad I don't have a box full of GFX 1080 to play with. Brute-forcing 0x00-0xFF is a never ending task on a single Radeon 270X (~980 M hashes/sec on those unsalted SHA1, IIRC). thanks again patpro
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.