Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 21 May 2012 15:53:18 +0400
From: Aleksey Cherepanov <aleksey.4erepanov@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: file synchronization backend for MJohn

On Sun, May 20, 2012 at 08:13:36PM -0400, Rich Rumble wrote:
> On Sun, May 20, 2012 at 6:16 PM, Aleksey Cherepanov
> <aleksey.4erepanov@...il.com> wrote:
> >> Supporting "after action" reports is a definite plus.
> >
> > We could use git only on the server just to make history (not using it
> > for file transfers).
> I skimmed the thread, but my 2cents are, clients copy the hashes to
> the server, keep individual (pot)files named by some arbitrary/unique
> ID, perhaps timestamped file names with an unique id. Cat/sort/unique
> or diff them into Latest.pot at some arbitrary interval. During the
> uniq/diff process you can create stats like client-x produced 100
> passwords in the last 5 minutes, Client-y did not report in this
> interval. This could also be a git/svn process, but each machine is
> keeping some "latest-master" pot file maintained, perhaps in folders
> named after each client/thread or what ever splits up the work (same
> client might do a wordlist and a incremental mode in other threads).
> Or again just go for simple, and "logrotate" older files
> out(compressed) after stats and the "latest-master.pot" have been
> created/updated. As simple as possible, but not simpler :) I'd start
> with SCP and Cron, just to flesh it out.

This seems to be a way too. So if tricks with git turn out too complex
I'd probably do something similar.

Though I'd not use cat/sort/unique, more likely I'd keep order as is
to be able to request changes by line numbers: client got .pot file
and remembers number of lines in it, after some cracks he copies lines
from .pot after this number - it is newly cracked passwords, he sends
that part of file to server and requests lines from server's .pot
after remembered number of lines - it is passwords cracked by other
clients (it is roughly, as is there could be losses).

I should note that it is not important to receive cracked passwords
from server as soon as possible because their use needs restart of
john that should not be frequent. I guess it even possible to download
full .pot when it is needed (at start of attack). Though if it will be
worth we could add to john an ability to pull in newly cracked
passwords without restart. Will it be worth?

Regards,
Aleksey Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ