Re: output tested hashes
Solar Designer <solar@...
2005-11-11 19:07:05 GMT
On Thu, Nov 10, 2005 at 03:23:36PM +0100, thomas springer wrote:
> to speed things up for cracking "standard-passwords) i'd like to have
> john list every generated hash (along with the corresponding
> source-pw) to stdout - i already tried to hack my way through
> cracker.c, but my c is too lousy to get things right.
Why do you think that would let you speed things up? Precomputation?
It doesn't work like that.
If you're really interested, you can have a look at QCrack, but it is
impractical to use it these days.
> could anybody give me a clue (or path??) where i have to put the
> print(%s) to get all tested hashes printed to stdout?
It's not as simple as that. John does not produce the ASCII-encoded
strings for the hashes it generates. In fact, it does not even include
code to do that. Instead, it decodes the hashes it loads from your
password files and does its comparisons on binary representations of
hashes (or sometimes even "indirect" comparisons of partial hashes).
Simon has correctly suggested that crypt_all() for your desired hash
type is one place where you can obtain whatever hashes (or partial
hashes) are computed for the candidate passwords John generates and
for salts of your loaded password hashes. These won't be in a format
that is convenient to use elsewhere, though. For example, for DES-based
hashes, the internal representation that John uses differs between
processor architectures and it never has the DES final permutation
applied (instead, the final permutation is undone on hashes loaded from
password files to crack).