Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 17 Jun 2019 16:50:11 -0400
From: Matt Weir <cweir@...edu>
To: john-users@...ts.openwall.com
Subject: Re: Using cracked non-ascii passwords in a wordlist

I'm sure there are better options, but if you are using the bleeding-jumbo
version of JtR:  https://github.com/magnumripper/JohnTheRipper

You can use JtR's '--loopback' option combined with '--stdout' and
'--rules=none' to pipe the results to a file. This strips the hash info
from the raw .pot files, and does deduplication so you don't end up with a
million entries of '123456'.

Example below to put everything into a file called 'new_wordlist.txt'
(Note, I'm not at my computer so there may be a typo):

./john --loopback --stdout --rules=none > new_wordlist.txt

I'm not sure if '--loopback' has been added to the official 1.9.0-jumbo-1
version JtR, and I'm pretty sure it's not in core. So if you have an error
and are not using magnumripper's version above that's probably the cause.

Also, if you don't want to create a new wordlist, you can use the
'loopback' option to generate guesses directly from a .pot file. It works
like a normal '--wordlist' option and you can apply other mangling rules to
it. That's why I included the '--rules=none' option above, so that way you
don't apply any rules when creating a 'clean' wordlist from your previous
cracks.

Cheers,
Matt

On Mon, Jun 17, 2019 at 3:55 PM Adam Lininger <arlininger@...il.com> wrote:

> All,
> I'm trying to work at getting an efficient way to feed previously cracked
> hashes back in to a wordlist for future use. I'm using the 2015 Crack Me if
> you Can competition hashes for this effort.
>
> One such hash, shown below, was cracked using non-ascii characters. From
> the output of `john --show | less`:
>
> f63e00ed861b130f0ac9ddd040ecf63a:<C8><CB>Ke<C9>
>
> As you can see, there are non-ascii characters in the resulting hash.
> However, putting the actual non-ascii characters in to a wordlist is
> ineffective at cracking the same hash on a fresh machine.
>
> Is there any way to make john output cracks in a more cannonical format?
> Alternatively, can I input non-ascii wordlists in a more cannonical format?
>
> Adam
>

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.