Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 10 Oct 2019 22:23:11 +0300
From: Aleksey Cherepanov <lyosha@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: approaches to use old password as baseword for new hash matching by username/login (as in CMIYC 2019)

Aleksey Cherepanov <lyosha@...nwall.com> writes:
> Additional point: 'SingleSkipLogin = Y' may be used to put baseword
> into GECOS while login is not empty and is not used.

> Additional rules may be used after the filter:
> --single=':=0\x02 =m\x02 Dm D0 ...your rules...'

It turned out that any separator char would work. So a printable char
may be used. I'll use '#' below.

While it is possible to pack baseword into GECOS, login field has a
bonus: login is printed on cracks, so it is easy to compare baseword and
crack without any special matching.

'Q' rule may be used to check that rules changed candidate. With '=0#
=m# Dm D0' rules before actual rules, it is needed to memorize baseword
manually with 'M' rule like this:
--single=':=0# =m# Dm D0 M ...your rules... Q'

During the contest, I thought I tried rule 's[!-@\[-`\{-~][!-@\[-`\{-~]'
but it turned out that it failed (due to ?! class) and I missed the
error message in tons of output from the runner script. So I'll retry
the rules without '?' in the first range.

My script to pack file is attached. It is a quick hack specific for
CMIYC 2019.

----------------------------------------------------------------------
$ cat single.conf
.include <john.conf>
[Local:Options]
SingleRetestGuessed = N
SingleWordsPairMax = 0

$ python code-dirty/pack_single.py \
    results/uncracked/0.django-scrypt.slow-salted.target.pw \
    results/pair_user_crack/6.nt.fast-nosalt.jbj.txt \
    > single_jbj.pw

$ wc -l single_jbj.pw
1019 single_jbj.pw

$ ./JohnTheRipper/run/john \
    --config=single.conf \
    single_jbj.pw \
    --field-separator-char='\x01' \
    --single=':=0# =m# Dm D0 M s[!->@\[-`\{-~][!-@\[-`\{-~] Q'
[...]
mr'jbjovi'       (#mr0jbjovi0#)
#jovibh)))       (##jovibh666#)
[...]
2g 0:01:07:32 DONE (2019-10-10 20:04) 0.000493g/s 20.58p/s 20.83c/s 20.83C/s cujovic45~
----------------------------------------------------------------------

The c/s rate is almost the same as with wordlist because the format is
very slow.

And rerunning with `time` and --fork=12 (for 6 cores and 2x hyperthreading),
final status line from the slowest thread:
----------------------------------------------------------------------
3 0g 0:00:08:48 DONE (2019-10-10 21:07) 0g/s 13.46p/s 15.38c/s 15.38C/s cujovic45{
[...]
real	8m49,309s
----------------------------------------------------------------------

I think the perfect time should be ~7m33s (67 / (15.38 * 12 / 20.8) ==
7.550931946250542).

Thanks!

--
Regards,
Aleksey Cherepanov

View attachment "pack_single.py" of type "text/x-python" (1380 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.