Date: Wed, 27 May 2020 23:21:59 +0200 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: hashcat vs. JtR Some more minor corrections: On Tue, May 26, 2020 at 06:38:01PM +0200, Solar Designer wrote: > Another thing that's different is source code style and quality, as well > as consistency of the feature set and consistency and quality of > documentation. hashcat is a younger project (~10 years old vs. JtR's > ~25 years old or ~23 years of evolution since last rewrite). It's more like "~24 years old or ~22 years of evolution since last rewrite" (since 1996 and 1998, respectively). > What's currently mostly common about John the Ripper and hashcat: > For both tools, the native input format is text files with one password > hash per line (and optionally other colon-separated fields). Input data > other than password hashes in text files should be preprocessed with > tools specialized to the input data format. Such tools that are part of > JtR jumbo generally follow the *2john naming. There are also *2hashcat > tools out there. There are also tools not associated with and not > targeting JtR and hashcat projects, yet producing output usable by JtR > and/or hashcat, such as the PWDUMP family of Windows password hash > dumping tools. There are also relevant differences: hashcat is also able to read some binary files directly; JtR isn't. JtR only uses colon-separated fields in /etc/passwd-like fashion - that is, with the hash to crack occupying one field. (This also holds for PWDUMP output files, where the LM and NTLM hashes are each in their field.) hashcat can read such files too (albeit is stricter on them having all of the usual fields), but for some other hash types it expects colon-separated fields for things like salt and iteration count, which JtR would have expected as parts of the hash string with different separator characters between such parts. This becomes a hassle when using both tools on a set of hashes like this. Maybe we could make it easier to load hashes formatted for one tool into the other, which may currently require some trivial external scripting (such as with "sed"). Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.