Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 21 Jul 2011 16:57:43 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: zip false positives

Dhiru,

Now it'd be really great to avoid the false positives.

Frankly, the zip cracker is of limited use when it can only crack the
easiest passwords reliably.  As currently implemented, if it has to run
for more than a few minutes, then chances are that it'd produce a wrong
password and terminate - right?

Is this something you intend to fix?  Maybe after GSoC, because fixing
this is probably a lot of work, and for GSoC it could be better for you
to focus on adding more non-hashes first (as planned).  Makes sense?

Also, what about supporting older zip formats, where it would probably
be easier for you to avoid false positives?

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ