Date: Mon, 17 Jun 2019 16:50:11 -0400 From: Matt Weir <cweir@...edu> To: john-users@...ts.openwall.com Subject: Re: Using cracked non-ascii passwords in a wordlist I'm sure there are better options, but if you are using the bleeding-jumbo version of JtR: https://github.com/magnumripper/JohnTheRipper You can use JtR's '--loopback' option combined with '--stdout' and '--rules=none' to pipe the results to a file. This strips the hash info from the raw .pot files, and does deduplication so you don't end up with a million entries of '123456'. Example below to put everything into a file called 'new_wordlist.txt' (Note, I'm not at my computer so there may be a typo): ./john --loopback --stdout --rules=none > new_wordlist.txt I'm not sure if '--loopback' has been added to the official 1.9.0-jumbo-1 version JtR, and I'm pretty sure it's not in core. So if you have an error and are not using magnumripper's version above that's probably the cause. Also, if you don't want to create a new wordlist, you can use the 'loopback' option to generate guesses directly from a .pot file. It works like a normal '--wordlist' option and you can apply other mangling rules to it. That's why I included the '--rules=none' option above, so that way you don't apply any rules when creating a 'clean' wordlist from your previous cracks. Cheers, Matt On Mon, Jun 17, 2019 at 3:55 PM Adam Lininger <arlininger@...il.com> wrote: > All, > I'm trying to work at getting an efficient way to feed previously cracked > hashes back in to a wordlist for future use. I'm using the 2015 Crack Me if > you Can competition hashes for this effort. > > One such hash, shown below, was cracked using non-ascii characters. From > the output of `john --show | less`: > > f63e00ed861b130f0ac9ddd040ecf63a:<C8><CB>Ke<C9> > > As you can see, there are non-ascii characters in the resulting hash. > However, putting the actual non-ascii characters in to a wordlist is > ineffective at cracking the same hash on a fresh machine. > > Is there any way to make john output cracks in a more cannonical format? > Alternatively, can I input non-ascii wordlists in a more cannonical format? > > Adam >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.