search

openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/
Other
10.39k stars 2.11k forks source link

FMT_NOT_EXACT --show only shows the last crack for each hash #697

Open magnumripper opened 10 years ago

magnumripper commented 10 years ago 
$ cat test.in 
first:$crc32$4ff4f23f.ce6eb863
second:$crc32$fa455f6b.c59b2aeb

$ cat ../run/john.pot 
$crc32$fa455f6b.c59b2aeb:123456
$crc32$fa455f6b.c59b2aeb:bogus
$crc32$fa455f6b.c59b2aeb:fake

$ ../run/john --format=crc32 test.in --show=left
first:$crc32$4ff4f23f.ce6eb863
1 password hash cracked, 1 left

The above is true after 188fdc6. We only show the hash(es) that we found NO candidate for.

However, this problem remains (and was not caused by 188fdc6):

$ ../run/john --format=crc32 test.in --show    
second:fake
1 password hash cracked, 1 left

Currently, only the last crack is shown. Ideally, we'd have this output (not sure what number to show for "cracked" though... 1 or 3? It's actually "1 password hash cracked three times, 1 left"):

$ ../run/john --format=crc32 test.in --show    
second:fake
second:bogus
second:123456
1 password hash cracked, 1 left

This is not trivial given for these formats we'll often have dupe lines like this:

$ cat ../run/john.pot 
$crc32$fa455f6b.c59b2aeb:123456
$crc32$fa455f6b.c59b2aeb:bogus
$crc32$fa455f6b.c59b2aeb:fake
$crc32$fa455f6b.c59b2aeb:bogus
$crc32$fa455f6b.c59b2aeb:fake
$crc32$fa455f6b.c59b2aeb:123456

In that case, we do want such dupes to be suppressed but show the three distinct candidates.

magnumripper commented 10 years ago

Maybe we should upgrade this to a bug?

http://www.openwall.com/lists/john-users/2014/10/06/3