Date: Sat, 30 Sep 2017 00:29:42 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: RFC: Hashkiller Rosetta Stone

On 2017-09-29 17:13, Royce Williams wrote:
> I'm working on a Hashkiller Rosetta stone (list of upload formats supported
> by Hashkiller, and how to use those modes in hashcat, john, and MDXfind.
>
> A draft is here:
>
> https://gist.github.com/roycewilliams/28a9e940e7cd37268ceeac4962bda757
>
> Any help/tips appreciated. I don't know the underlying algorithm of many
> product-specific formats, so I'm almost certainly missing some obvious ones.
>
> My future ambition is to expand this concept to be a Rosetta Stone for the
> superset of all formats supported by any known product. Small steps first.
> :)

Most formats consisting of a combination of simple primitives, like
'md5(md5($pass).md5($salt))' are possible in JtR on CPU using the
"dynamic compiler" format. That very example would be written like this:

$ ../run/john -test -form:dynamic='md5(md5($pass).md5($salt))'
Benchmarking: dynamic=md5(md5($p).md5($s)) [128/128 AVX 4x3]... DONE
Many salts:	12448K c/s real, 12573K c/s virtual
Only one salt:	5458K c/s real, 5404K c/s virtual

It can do many crazy combinations that are (probably) not used anywhere:

$ ../run/john -test -form:dynamic='sha1(md5(md4($pass).$salt))'
Benchmarking: dynamic=sha1(md5(md4($p).$s)) [128/128 AVX 4x1]... DONE
Many salts:	5816K c/s real, 5816K c/s virtual
Only one salt:	5340K c/s real, 5340K c/s virtual

Sometimes it's not very fast, but it's always there - very handy. Note
that any time there is a dedicated format for your need, you can bet
that one is faster, and sometimes a LOT faster, than this "dynamic
compiler" stuff.

On another note, I'd add input syntax (or sample hashes) to the Rosetta
Stone if I were you. Sometimes they differ, especially in how/where you
specify the salt. Hashcat uses hash:salt while JtR never EVER has a ':'
within a ciphertext (it's impossible, by design, and that makes the pot
file unambiguous). Sometimes the various crackers also differ in whether
they want the salt as plaintext or hexified, and (if plaintext) they
might have different ways to hex-escape stuff (e.g. hashcat $HEX[cafe]
vs. JtR $HEX$cafe).

Cheers,
magnum
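Added example, not part of magnum's message or of either project's code: a Python generator of sample lines for the md5(md5($pass).md5($salt)) expression discussed above, using the hash:salt layout and the two hex-escape notations the message quotes. It assumes inner digests are concatenated as lowercase hex; the function names and the sample passwords and salts are constructed for illustration, and which notation each tool accepts in which field is not decided here.

```python
import hashlib
import re

def md5_hex(data: bytes) -> bytes:
    """Lowercase hex MD5 as bytes, ready to be fed into an outer hash."""
    return hashlib.md5(data).hexdigest().encode("ascii")

def md5_md5p_md5s(password: bytes, salt: bytes) -> str:
    """md5(md5($pass).md5($salt)); inner digests joined as lowercase hex (assumption)."""
    return hashlib.md5(md5_hex(password) + md5_hex(salt)).hexdigest()

def needs_escape(salt: bytes) -> bool:
    """A salt is hexified if it holds ':', non-printable bytes, or looks escaped already."""
    return (b":" in salt or salt.startswith(b"$HEX")
            or any(b < 0x20 or b > 0x7E for b in salt))

def escape_salt(salt: bytes, style: str) -> str:
    """style 'bracket' gives $HEX[..]; style 'dollar' gives $HEX$.. (both from the message)."""
    if not needs_escape(salt):
        return salt.decode("ascii")
    return f"$HEX[{salt.hex()}]" if style == "bracket" else f"$HEX${salt.hex()}"

_HEX = re.compile(r"^\$HEX(?:\[([0-9a-fA-F]*)\]|\$([0-9a-fA-F]*))$")

def unescape_salt(field: str) -> bytes:
    """Decode either notation; anything else is taken as a literal ASCII salt."""
    m = _HEX.match(field)
    if not m:
        return field.encode("ascii")
    return bytes.fromhex(m.group(1) if m.group(1) is not None else m.group(2))

def hash_salt_line(password: bytes, salt: bytes, style: str = "bracket") -> str:
    """One sample line in hash:salt layout, salt escaped when it would be ambiguous."""
    return f"{md5_md5p_md5s(password, salt)}:{escape_salt(salt, style)}"

def parse_hash_salt_line(line: str):
    """Split on the first ':' only; the hex digest can never contain one."""
    digest, field = line.split(":", 1)
    return digest, unescape_salt(field)

if __name__ == "__main__":
    # Constructed sample inputs: a plain salt, a salt with ':', a binary salt.
    for pw, salt in [(b"password", b"salt"), (b"password", b"a:b"), (b"x", b"\xca\xfe")]:
        for style in ("bracket", "dollar"):
            line = hash_salt_line(pw, salt, style)
            assert parse_hash_salt_line(line)[1] == salt
            print(f"{style:8} {line}")
```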