johnny icon indicating copy to clipboard operation
johnny copied to clipboard

Published 20 hours ago verified publisher icon openwall

Johnny detects far less hash types than John The Ripper

Open SMH17 opened this issue 7 years ago • 3 comments

Seems that Johnny can detect only these hash format: -descrypt -bsdcrypt -md5crypt -bcrypt -AFS -LM -crypt -tripcode -dummy

This is a very small subset of the hash supported by John The Ripper, and looks strange since Johnny actually is a GUI that uses John The Ripper. For example I have tried the attack on some different SHA-256 and SHA-512 hashes and Johnny reports always "gost" as detected hash format.

SMH17 avatar Nov 01 '16 09:11 SMH17

Which version of jtr and johnny do you use. Please copy what Is
written in the settings tab in Johnny (jtr xxx detected) for the jtr
version and what Is written on the ? About menu for Johnny version.
Thanks Silvio Marano [email protected] a écrit :

Seems that Johnny can detect only these hash format: -descrypt -bsdcrypt -md5crypt -bcrypt -AFS -LM -crypt -tripcode -dummy

This is a very small subset of the hash supported by John The
Ripper, and looks strange since Johnny actually is a GUI that uses
John The Ripper. For example I have tried the attack on some
different SHA-256 and SHA-512 hashes and Johnny reports always
"gost" as detected hash format.

You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/shinnok/johnny/issues/110

mathsoft-dev avatar Nov 01 '16 12:11 mathsoft-dev

Jonny 2.2 + John The Ripper 1.8.0-jumbo-1

In settings tab is reported "Detected John the Ripper 1.8.0-jumbo-1_omp" that matches JTR version used.

SMH17 avatar Nov 01 '16 13:11 SMH17

I have tried the attack on some different SHA-256 and SHA-512 hashes and Johnny reports always "gost" as detected hash format

I guess the issue is that those N hex chars strings are indistinguishable for SHA-2 vs. GOST vs. many others. Jumbo itself picks the first match (where its valid() function for a format returns a match), but prints many Warning messages telling which other formats would also match and how to force them. I think fixing this issue may amount two things:

  1. Maybe Johnny should parse those Warning messages and offer an easy choice of the format in such cases where multiple formats match the input.

  2. Where relevant, Jumbo's formats should be registered in a most likely to least likely order. Right now, the order is often alphabetic (which is why GOST comes in front of SHA-2).

solardiz avatar Aug 15 '17 12:08 solardiz