headers
websiteaccess | 1 Aug 2009 09:55
Picon

Re: DumbForce external mode

On Fri, 31 Jul 2009 23:37:28 +0400, Solar Designer wrote:
> On Fri, Jul 31, 2009 at 09:08:27PM +0200, websiteaccess wrote:
>>  One more thing, I have changed value from 8 to 10 of
>> 	maxlength = 10;	// Must be at least same as minlength
>> 
>>  Is JTR now able to crack 10 length passwords ?
> 
> Yes, but it won't get that far in practice (you'll interrupt it sooner),
> unless you reduce your charset and/or your hash type is very fast (such
> as raw MD5).
> 
> Alexander
> 

 With this mode JTR use "a-z" and my special charset "é" "è" "ç" "à"
 is it possible to limit JTR to use only "a" "b" "c" "d" and "é" "è" 
"ç" "à"  ?

 thanks.

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 1 comment |
headers
Solar Designer | 1 Aug 2009 18:52
Favicon

Re: DumbForce external mode

On Sat, Aug 01, 2009 at 09:55:29AM +0200, websiteaccess wrote:
>  With this mode JTR use "a-z" and my special charset "é" "è" "ç" "à"
>  is it possible to limit JTR to use only "a" "b" "c" "d" and "é" "è" 
> "ç" "à"  ?

Sure, just replace 'z' with 'd' in the init() function:

/* This defines the character set */
	i = 0;
	c = 'a';
	while (c <= 'd')
		charset[i++] = c++;
	charset[i++] = 'é';
	charset[i++] = 'è';
	charset[i++] = 'à';
	charset[i++] = 'ç';

In case by "abcd" you meant arbitrary characters rather than these
specific ones, you may specify your arbitrary characters just like we
did for your 8-bit ones:

/* This defines the character set */
	i = 0;
	charset[i++] = 'a';
	charset[i++] = 'b';
	charset[i++] = 'c';
	charset[i++] = 'd';
	charset[i++] = 'é';
	charset[i++] = 'è';
	charset[i++] = 'à';
(Continue reading)

Permalink | Reply | 0 comments |
headers
websiteaccess | 1 Aug 2009 20:57
Picon

changing s to $

Hi

 I want change all "s" in a word to "$" (test -> te$t)

 I try   /s ss$   it doesn't work 

  why ?

 Thanks,

 W.A.

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 2 comments |
headers
Solar Designer | 1 Aug 2009 22:57
Favicon

Re: changing s to $

On Sat, Aug 01, 2009 at 08:57:21PM +0200, websiteaccess wrote:
>  I want change all "s" in a word to "$" (test -> te$t)
> 
>  I try   /s ss$   it doesn't work 

It works for me:

[List.Rules:Wordlist]
/s ss$

$ echo test > w
$ john -w=w --rules --stdout
te$t
words: 1  time: 0:00:00:00 100%  w/s: 100  current: te$t

Alexander

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 1 comment |
headers
websiteaccess | 1 Aug 2009 23:17
Picon

Re: changing s to $

On Sun, 2 Aug 2009 00:57:16 +0400, Solar Designer wrote:
> On Sat, Aug 01, 2009 at 08:57:21PM +0200, websiteaccess wrote:
>>  I want change all "s" in a word to "$" (test -> te$t)
>> 
>>  I try   /s ss$   it doesn't work 
> 
> It works for me:
> 
> [List.Rules:Wordlist]
> /s ss$
> 
> $ echo test > w
> $ john -w=w --rules --stdout
> te$t
> words: 1  time: 0:00:00:00 100%  w/s: 100  current: te$t
> 
> Alexander
> 

 I found the problem, my dico wordlist was badly formatted, word 
corrupted

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 0 comments |
headers
Solar Designer | 13 Aug 2009 06:32
Favicon

Re: get the password of windows XP

It appears that no one commented on this for two weeks now.  Why not?
Does everyone expect that I will answer all users' questions in here, or
should we start leaving "uninteresting" questions without an answer?..

Basically, the above is a "ping" to the community, to hopefully get
other "contributors" to discussions on this list moving next time
someone asks a question. ;-)

jith -

On Fri, Jul 31, 2009 at 02:09:49PM +0530, jith wrote:
> sorry i forgot tell that i got only nt and lm hashes from saminside and not
> ntlm hash

The above is confusing and likely wrong.  Can you please post a sample
of what you got?

> How can i get both hashes using jtr.....

You're not "getting hashes" using JtR.  You use other tools for that,
such as the PWDUMP tools found here:

http://www.openwall.com/passwords/pwdump
ftp://ftp.openwall.com/pub/projects/john/contrib/pwdump/

Most likely, you have already obtained the hashes with SAMInside.

JtR is a tool to crack the hashes and obtain the corresponding plaintext
passwords.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Helmut Hullen | 13 Aug 2009 08:38
Picon
Favicon

Re: get the password of windows XP

Hallo, Solar,

Du meintest am 13.08.09:

> Basically, the above is a "ping" to the community, to hopefully get
> other "contributors" to discussions on this list moving next time
> someone asks a question. ;-)

Not me - please.
Most times I'm just lurking. And I'm just a consumer, on my systems John  
works well. I don't understand what it really does inside, I can't  
explain other people what to do if it doesn't work as expected.

<AOL>
>>>>>>>>>>>>>>>>>>> me too!
>>>>>>>>>>>>>>>>>> me too!
>>>>>>>>>>>>>>>>> me too!
>>>>>>>>>>>>>>>> me too!
>>>>>>>>>>>>>>> me too!
>>>>>>>>>>>>>> me too!
>>>>>>>>>>>>> me too!
>>>>>>>>>>>> me too!
>>>>>>>>>>> me too!
>>>>>>>>>> me too!
>>>>>>>>> me too!
>>>>>>>> me too!
>>>>>>> me too!
>>>>>> me too!
>>>>> me too!
>>>> me too!
(Continue reading)

Permalink | Reply | 0 comments |
headers
SmarTeam Support | 15 Aug 2009 16:28
Picon

Re: Contributing significant changes to the jumbo patch (mostly performance improvements)

Hello Jim,

Any news on this patches?

> Offlist, I have been given a patch of quite a few code changes by
> 'Zed ...'  He told me I could include them, but asked to give a shout out to his nick :)

> ...

> I have not incorporated all of the new code in yet, nor tested it
> all, but soon will have that done.  

> Actually, I have finished, but want to check some stuff out, and
> there were several things not included, as they looked broken or
> unfinished or specific to some 'search' project.  However I would
> like to test some more, and will be busy for the next couple days.

> Jim.

-- 
Best regards,
 SmarTeam                            mailto:smarteam.support@...

--

-- 
To unsubscribe, e-mail
john-users-unsubscribe@... and reply
to the automated confirmation request that will be sent to you.
Permalink | Reply | 0 comments |
headers
pyllyukko | 13 Aug 2009 22:02

Finnish character set


Hello list.

I've been working with Finnish passwords for a while now and I'd like to 
share my work/results. I've generated a character set file for JtR against 
37919 (and counting) Finnish passwords.

I've also made a small patch for JtR which modifies the variables in the 
rules engine so it supports Finnish alphabets.

The source is a publicly available list of Finnish password hashes and 
plaintext passwords. I do not wan't to provide a link to this list, but 
you can easily find it if necessary.

I haven't compared/tested the .chr that much, this is still a work in 
progess. Any help in testing this would be great.

All the work is available through my website at: 
http://void.maimed.org/~pyllyukko/p.html. I'll post updates when I come up 
with something new=)

I hope somebody will find this useful.

Any thoughts/ideas/comments/feedback/questions are appreciated.

--pyllyukko
Permalink | Reply | 1 comment |
headers
JimF | 20 Aug 2009 18:26
Picon

Thoughts and questions on creation of a 'generic' MD5 hash set format (to handle 'all' of them)

I have been busy with 'real work'  (damn kids want food every day, i guess), so have not done a lot with john for a while.

However, I have been thinking about how best to feed john some of the many md5 hash types (families).  I
propose something like this:

Password 4turtles
Salts either ttzzz or i a   (i space a)

uid:md5($p.$s5)ttzzzf879de3ea2c872243bf38ff482fecb7f     (pw=4turtles salt=ttzzz)
uid:md5($s5.$p)ttzzzb5944fc539d959a300ac9896bb98bada     (pw=4turtles salt=ttzzz)
uid:md5($s5.$p.$s5)ttzzz9f0367a67426e852a08b54e0d25b2f99 (pw=4turtles salt=ttzzz)
uid:md5(md5($p).$s3)i a2abca28714f40edb09a639f555e63098  (pw=4turtles salt=i a)
uid:md5(md5($p))d894b3efe537e7c180c71129b7a5221b         (pw=4turtles)
uid:md5(md5(md5($p)))5ede6d1ca68d4c589c29084857cf0584    (pw=4turtles)
uid:md5($p)32ec7dad341b379d0b9103e45e7d1438              (pw=4turtles)
(note the last one is simply 'raw' MD5)

What are people's thoughts about this 'format'?  Then john could simply have a -format=md5-generic. I
would think that john could be coded to handle this pretty easy (the parsing is trivial, since all you parse
is md5 ( ) $p and $sLen value.It could even be 'optimized' by hard coding many of the 'common' known types,
and then building a simple parser to handle ones we do not recognise the signature for, so that 'new' fomat
may not get all the low level 'tweeks', but should still be pretty damn fast.  

I 'believe' that ONLY 1 type of signature would be possible in a file at a time.  The format would probably
simply use the first 'valid' md5(...) signature, set itself up to procees 'that' type, and then only load
lines from the file with that signature.  That is much like what happens today, when there are multiple
types mixed in the passwd file.  The first 'type' is what is used.  Note, we might have to 'add' a command
option to allow the user to 'force' which type.  So, he could call with -format=md5-generic
-md5-type=md5(md5($p.$s6)) and get only those types processed, even if the first valid md5-generic
seen was not md5(md5($p.$s6))
(Continue reading)

Permalink | Reply | 11 comments |

Gmane