Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 2 Mar 2021 16:20:56 +0100
From: Marek Wrzosek <marek.wrzosek@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Implementing mixed mask attack

There is more than one way to skin a cat in JtR. I don't know, if
policies are better or not in your case. I thought it would be easier
with regex mode to define just one regular expression, that will
generate all passwords the 16 masks would, but I've found out it's
harder to build rexgen these days, that it was before. I don't think the
current rexgen will work with JtR now, you would need the correct
version of rexgen and its requirements. I wouldn't say it is a
dependency hell, but more like a dependency purgatory. So, never mind.

According to: https://www.openwall.com/john/doc/EXTERNAL.shtml

"To define an external cracking mode you need to create a configuration
file section called [List.External:MODE], where MODE is any name that
you assign to the mode. The section should contain some functions
programmed in a C-like language. John will compile and use the functions
if you enable this cracking mode via the command line."

If I were you, I would copy the [List.External:Policy] section with
modified name (e.g. [List.External:MyPolicy]) to your john-local.conf
(or john.local.conf) because otherwise you won't be able to pull a newer
version from git. Modify the required functions and run john with option
--external=MyPolicy (I don't know if the name of external mode is case
sensitive).

But I haven't done anything like this, yet.

W dniu 02.03.2021 o 13:45, Michał Majchrowicz pisze:
> If policies are not for that than what do you use them for ? I have
> seen some "C-like" code in john.conf for filtering but couldn't find
> an info on how it is used. Do you implement is as part of your own
> tool? As part of john? Is it automagically compiled at runtime ? :D
> Regards.
>
> On Tue, Mar 2, 2021 at 12:06 PM Marek Wrzosek <marek.wrzosek@...il.com> wrote:
>> Hi,
>>
>> I think that regex mode would be more appropiate for this job. I don't know if this mode is still in JtR, it required some additional library and wasn't enabled by default. Also, there were some issues with session restoring, when it was in use.
>>
>> Best regards,
>> Marek
>>
>> Dnia 2 marca 2021 11:28:16 CET, "Michał Majchrowicz" <sectroyer@...il.com> napisał(a):
>>> Hello.
>>> I would like to ask about a possibility of making a attack with mask
>>> based on some password patterns. I have described the idea here:
>>> https://github.com/openwall/john/issues/4576#issuecomment-788100874
>>> solardiz for such approach Policy might be useful. So i would like to
>>> repeat my question on how can this be utilised? Can create my own
>>> policy to filter only "good" pw candidates in mask mode?
>>> Regards.
>> --
>> Marek Wrzosek
>> marek.wrzosek@...il.com
>>
>> -- Wysłane za pomocą K-9 Mail.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.