Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20060419135429.GA15362@openwall.com>
Date: Wed, 19 Apr 2006 17:54:29 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re:  specify individual salt to run

On Wed, Apr 19, 2006 at 12:13:45PM +0000, -. -PhanTom-. - wrote:
> Was wondering if you would consider adding another command to jtr to let users 
> specify which salt to run?
> So that one could run only the hashes that has a specific salt?
> e.g 
> john --salt2:et ...

This had been considered before.  There are some good reasons to not
implement it:

1. In order to know what salts there are and which ones you want (or
don't want) to crack, you have to review the input password files and/or
john.pot manually.  If you do that, it should not be hard for you to
pass your files through grep or the like, eliminating the need for this
option to John.

2. The ASCII representation of salts is different for each hash type.
Would the documentation need to be complicated with instructions on how
to specify salts - e.g., whether to include or omit the "$1$" before
FreeBSD-style MD5-based crypt(3) salts?

3. I like to keep the list of command-line options reasonably short.

There's also a subtle reason in favor of implementing this:

With some hash types, there are multiple ASCII representations which
correspond to the same salt value.  If you include all hashes with the
traditional crypt(3) salt represented as "et", you likely also want to
include whatever other hashes might happen to have the same salt value
(since they can be processed at no additional cost), even if it is not
encoded as "et" (those other encodings are invalid, but nevertheless
they are sometimes seen in practice).  John can implement logic like
that, whereas grep won't do it.

On the other hand, someone might be surprised by this effect and even
find it undesirable.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.