Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 27 May 2020 23:21:59 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: hashcat vs. JtR

Some more minor corrections:

On Tue, May 26, 2020 at 06:38:01PM +0200, Solar Designer wrote:
> Another thing that's different is source code style and quality, as well
> as consistency of the feature set and consistency and quality of
> documentation.  hashcat is a younger project (~10 years old vs. JtR's
> ~25 years old or ~23 years of evolution since last rewrite).

It's more like "~24 years old or ~22 years of evolution since last
rewrite" (since 1996 and 1998, respectively).

> What's currently mostly common about John the Ripper and hashcat:

> For both tools, the native input format is text files with one password
> hash per line (and optionally other colon-separated fields).  Input data
> other than password hashes in text files should be preprocessed with
> tools specialized to the input data format.  Such tools that are part of
> JtR jumbo generally follow the *2john naming.  There are also *2hashcat
> tools out there.  There are also tools not associated with and not
> targeting JtR and hashcat projects, yet producing output usable by JtR
> and/or hashcat, such as the PWDUMP family of Windows password hash
> dumping tools.

There are also relevant differences:

hashcat is also able to read some binary files directly; JtR isn't.

JtR only uses colon-separated fields in /etc/passwd-like fashion - that
is, with the hash to crack occupying one field.  (This also holds for
PWDUMP output files, where the LM and NTLM hashes are each in their
field.)  hashcat can read such files too (albeit is stricter on them
having all of the usual fields), but for some other hash types it
expects colon-separated fields for things like salt and iteration count,
which JtR would have expected as parts of the hash string with different
separator characters between such parts.  This becomes a hassle when
using both tools on a set of hashes like this.  Maybe we could make it
easier to load hashes formatted for one tool into the other, which may
currently require some trivial external scripting (such as with "sed").

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.