[prev in list] [next in list] [prev in thread] [next in thread] 

List:       john-users
Subject:    =?US-ASCII?Q?Re:_[john-users]_Show_only_cracked_usern?= =?US-ASCII?Q?ames_and_passwords_for_a=0D__gi
From:       Darren Wise <darren () wisecorp ! co ! uk>
Date:       2016-09-07 10:55:06
Message-ID: kr8ceq5rcna2xadhkqmrk193.1473245706859 () email ! android ! com
[Download RAW message or body]

[Attachment #2 (text/plain)]


    
Awesome idea Marek,
Looks like a good solution to me, I'll keep this in mind for myself even though not \
asking the orginal post!


> Kind regards,
> Darren Wise Esq, 
> B.Sc, HND, GNVQ, City & Guilds.



-------- Original message --------
From: Marek Wrzosek <marek.wrzosek@gmail.com> 
Date: 07/09/2016  11:05  (GMT+00:00) 
To: john-users@lists.openwall.com 
Subject: Re: [john-users] Show only cracked usernames and passwords for a
  given hash file? 

Hi nyxgeek,

W dniu 07.09.2016 o 05:55, nyxgeek@rslabs.co pisze:
> Is there any way to have John's --show flag show just usernames and 
> passwords cracked for a given hash file, in the format of:
> 
> user00:Password1234567890
> 
> 
> instead of having it displayed in-line, like:
> 
> user00:Password1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::
>  
> 

I think, there is another workaround. You can reverse order of
characters in lines, cut fields from 7th to the end, then reverse lines
one more time.
E.g.:
$ echo -e
"user00:Password1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::\n\
 user00:Passwor:d1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::"|rev|cut
                
-d: -f7-|rev
user00:Password1234567890
user00:Passwor:d1234567890

> 
> 
> This would allow for the passwords for a particular hash file to
> easily be harvested/analyzed by performing a 'cut -d: -f2-', rather
> than having it be embedded inside the string.   By embedding the
> solved password inside the string, it seems to make it impossible to
> reliably cut out, since a password could easily contain a colon,
> which would then be misread as a delimiter.
> 
The you'll be able to extract passwords by performing a 'cut -d: -f2-'.

E.g.:
$ echo -e
"user00:Password1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::\n\
 user00:Passwor:d1234567890:1000:aad3b435b51404eeaad3b435b51404ee:17bd91defd0d2fe234239a5bb90a9595:::"|rev|cut
                
-d: -f7-|rev|cut -d: -f2-
Password1234567890
Passwor:d1234567890

Every colon in a password should prevail this operation.

Best Regards,
Marek

-- 
Marek Wrzosek
marek.wrzosek@gmail.com



[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic