Date: Fri, 29 Sep 2017 16:13:19 -0800 From: Royce Williams <royce@...ho.org> To: john-users@...ts.openwall.com Subject: Re: RFC: Hashkiller Rosetta Stone On Fri, Sep 29, 2017 at 2:44 PM, Frank Dittrich <frank.dittrich@...lbox.org> wrote: > Am 29.09.2017 um 23:58 schrieb Solar Designer: > >> On Fri, Sep 29, 2017 at 07:20:31AM -0800, Royce Williams wrote: >> >>> I'm working on a Hashkiller Rosetta Stone (a list of upload formats >>> supported by Hashkiller, and how to use those modes in hashcat, john, and >>> MDXfind.) >>> >>> A draft is here: >>> >>> https://gist.github.com/roycewilliams/28a9e940e7cd37268ceeac4962bda757 >>> >>> Any help/tips appreciated. I don't know the underlying algorithm of many >>> product-specific formats, so I'm almost certainly missing some obvious >>> ones. >>> >> >> It'd help if you list example hashes, preferably all for a fixed >> password like "password", so that you don't need to list the >> corresponding different plaintext passwords as well. >> > > > It would also help if you would use another syntax for those "generic" > algorithms. > > Currenntly, it is unclear whether MD5-MD5SALTMD5PASS means > md5(md5(salt).md5(pass)) or not. This isn't my syntax. Those are the labels used by MDXfind itself. I am new to MDXfind, so I'm still learning about how to read these; they do indeed require interpretation that is opaque to the uninitiated. That's part of what I was hoping to accomplish with the table - caching what I learn for the benefit of others. > JtR supports command-line dynamic formats now (and has been for a couple >> of years, due to work by Jim), so most if not all of your "unsupported"s >> are actually supported at least in this way. >> > > Yes, you can combine several basic hash functions, use password and/or > sewveral salts, even constant expressions, etc. > Check doc/DYNAMIC*,especially doc/DYNAMIC_COMPILER_FORMATS.md. Thanks for this - will do. > Those command-line dynamics typically allow for a higher password >> length, too. For example, when experimenting with Update 2 from >> https://haveibeenpwned.com/Passwords I found that "--external=Repeats" >> cracks plenty of passwords of lengths up to 109 (and I've just tested >> that it cracks 110 too, but not 111 - as expected) with >> "--format=dynamic='sha1($p)'", whereas "--format=raw-sha1" only goes up >> to length 55 (also as expected). >> > > But the dynamic_* formats are usually somewhat faster than the > dynamic='<expression>'. That makes sense. > My future ambition is to expand this concept to be a Rosetta Stone for the >>> superset of all formats supported by any known product. Small steps >>> first. >>> :) >>> >> >> > > Cool. With JtR's command-line dynamics, its list of supported formats >> is sort of "infinite", though. ;-) >> > > You even get basic bash completion support for the dynamic-formats: > > $ ./john --format=dynamic=[tab][tab] > lists these possible completions: > > $ ./john --format=dynamic= > gost\( haval192_5\( md2\( sha1_64\( skein224\( > haval128_3\( haval224_3\( md4\( sha224\( skein256\( > haval128_4\( haval224_4\( md5\( sha256\( skein384\( > haval128_5\( haval224_5\( panama\( sha384\( skein512\( > haval160_3\( haval256_3\( ripemd128\( sha3_224\( tiger\( > haval160_4\( haval256_4\( ripemd160\( sha3_256\( whirlpool\( > haval160_5\( haval256_5\( ripemd256\( sha3_384\( > haval192_3\( keccak_256\( ripemd320\( sha3_512\( > haval192_4\( keccak_512\( sha1\( sha512\( > > > The \ is needed unless you quote the expression. I'll see whether I manage > to support bash completion even for --format='dynamic= or > --format=dynamic'= etc. Then I can drop the backslashes. > > > If you quote the expression, it could look like this: > > $ ../run/john -test -form:dynamic='sha1(md5(md4($p.$s).$s2))' > Benchmarking: dynamic=sha1(md5(md4($p.$s).$s2)) [128/128 AVX 4x1]... DONE > Many salts: 5243K c/s real, 5243K c/s virtual > Only one salt: 4813K c/s real, 4813K c/s virtual > > ($s is the first salt, $s2 a second salt in that example) Very informative - thank you, Frank! Royce
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.