Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 17 Jun 2019 16:50:11 -0400
From: Matt Weir <cweir@...edu>
To: john-users@...ts.openwall.com
Subject: Re: Using cracked non-ascii passwords in a wordlist

I'm sure there are better options, but if you are using the bleeding-jumbo
version of JtR:  https://github.com/magnumripper/JohnTheRipper

You can use JtR's '--loopback' option combined with '--stdout' and
'--rules=none' to pipe the results to a file. This strips the hash info
from the raw .pot files, and does deduplication so you don't end up with a
million entries of '123456'.

Example below to put everything into a file called 'new_wordlist.txt'
(Note, I'm not at my computer so there may be a typo):

./john --loopback --stdout --rules=none > new_wordlist.txt

I'm not sure if '--loopback' has been added to the official 1.9.0-jumbo-1
version JtR, and I'm pretty sure it's not in core. So if you have an error
and are not using magnumripper's version above that's probably the cause.

Also, if you don't want to create a new wordlist, you can use the
'loopback' option to generate guesses directly from a .pot file. It works
like a normal '--wordlist' option and you can apply other mangling rules to
it. That's why I included the '--rules=none' option above, so that way you
don't apply any rules when creating a 'clean' wordlist from your previous
cracks.

Cheers,
Matt

On Mon, Jun 17, 2019 at 3:55 PM Adam Lininger <arlininger@...il.com> wrote:

> All,
> I'm trying to work at getting an efficient way to feed previously cracked
> hashes back in to a wordlist for future use. I'm using the 2015 Crack Me if
> you Can competition hashes for this effort.
>
> One such hash, shown below, was cracked using non-ascii characters. From
> the output of `john --show | less`:
>
> f63e00ed861b130f0ac9ddd040ecf63a:<C8><CB>Ke<C9>
>
> As you can see, there are non-ascii characters in the resulting hash.
> However, putting the actual non-ascii characters in to a wordlist is
> ineffective at cracking the same hash on a fresh machine.
>
> Is there any way to make john output cracks in a more cannonical format?
> Alternatively, can I input non-ascii wordlists in a more cannonical format?
>
> Adam
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.