Date: Tue, 3 Nov 2020 18:15:57 +0100 From: Albert Veli <albert.veli@...il.com> To: john-users@...ts.openwall.com Subject: Re: Rules characters unicode support. After the Crack Me If You Can 2015 contest the UTF-8 support was improved in john. But there could still be bugs. In mask mode you can catch UTF-8 / Unicode characters with ?b?b (0x01-0xff). There is also the ?L and ?U masks. Don't know exactly what characters they catch. The documentation says lower-case non-ASCII letters and upper-case non-ASCII letters. See the doc/MASK file in the source code. On Tue, Nov 3, 2020 at 3:49 PM François <francois.pesce@...il.com> wrote: > > Hi, > > I'm currently working on a tool that generates possible -single mode rules > out of a cracked result. > While running my tool on a very large (and old) leak, I realized that some > character substitutions from ASCII to Unicode were hitting some results (a > few hits on a large leak) for example: > seé > suü > scç > soö > saã > soø > snñ > saå > > They're making sense, because some old RFC or specs prevent non ASCII > characters to be used in email address or login information but passwords > fields actually take them now. For example, we could imagine that a > password associated to my email address francois.pesce@...il.com could be > close to the way my French first name is actually written, thus "françois" > (possibly generated by a single rule substituting c to ç such as: scç ). > > However, it seems that currently, john(-jumbo) does not support Unicode > characters for all rules commands (except for the content of command A"..." > ). Is anyone working on supporting that use case, should I just try to use > the A"..." command for my niche finding ? What are your thoughts? > > Thanks! > > Francois Pesce
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.