search

openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/
Other
10.39k stars 2.11k forks source link

Configurable batch mode #4952

Open solardiz opened 2 years ago

solardiz commented 2 years ago

We have so-called batch mode, which is what we run when no mode is requested. Currently, it's hard-coded as 3 passes: first single-crack mode, then wordlist+rules, then incremental. We could want to support running through multiple wordlists there, or even to have the entire batch mode configurable (in john.conf) as a list of any modes and their settings or even a list of command-line option combinations (with some restrictions on what's valid in there). We could then have multiple batch modes defined in john.conf at once, with one to be chosen e.g. with --batch=NAME. We could even allow for a batch mode to call other batch modes (or maybe we'd simply use our .include syntax for that).

A reason to support multiple wordlists there would be to run with more rules against a tiny wordlist, then fewer rules against a medium-sized wordlist, and the fewest against the largest. Also, to have this intermixed with other mode invocations (e.g., let incremental mode run for 1 billion candidates before proceeding to a large wordlist+rules run that'd produce many billion candidates, and only then proceed to/resume the final incremental - the "resume" part being tricky here, though).

Some reasons to have this built-in rather than as an external script would be: ease of use, portability (no dependency on an external scripting language and its interpreter), reuse of our interrupt/restore capability with current pass stored in .rec files (an external script would need to (re)store that separately and skip to the right john invocation), loading of hashes into memory just once (rather than once per pass), keeping track of statistics for the whole thing (although ideally we'd also add/report/log per-pass statistics).

We'd move away from the hard-coded 3 passes to arbitrary number of them. Each mode+settings combination (e.g., wordlist+rules) would be a pass. In terms of implementation, I think this would be external to our per-mode source files (just like the current batch mode is), only requiring the logic/variables in those files to support multiple calls into there per john invocation.

Multiple --wordlist options (#3262) can then be implemented similarly (also externally to wordlist.c), albeit perhaps without ability to combine each with its own --rules.

solardiz commented 2 years ago

Some of this was previously discussed in #2349.