Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 12 Jun 2012 09:29:47 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Recent github patches

On 2012-06-12 00:35, magnum wrote:
> On 2012-01-27 21:45, Solar Designer wrote:
>> On Fri, Jan 27, 2012 at 09:19:19PM +0100, magnum wrote:
>>> * Experimental support for running "closed loop" - i.e. wordlist mode
>>> with a .pot file as input. We might want better dupe supression (to
>>> memory buffer), possibly reusing "unique" code. The current code only
>>> supresses consecutive dupes (just as for any wordlist file).
>>
>> In fact, I thought of optionally using the "unique" code in wordlist mode
>> regardless of where the input comes from. However, I am concerned that
>> if changes this invasive are first made in -jumbo, it will deviate from
>> the main tree's code too far. Ideally, I should find time and implement
>> this in the main tree first... but it's not something I'll have time for
>> any time soon (got other priorities, including for JtR).
>
> Until now I managed to stay away from this, but I now have a solid
> implementation that I plan to commit after optimizing and testing quite
> a bit more. It's not invasive though, it's very simple (stripped down
> pieces from unique.c) and will be trivial to back out of if/when you
> implement this in core JtR.
>
> The "closed loop mode" is curious without dupe detection, but it really
> rocks with it.

The current (git) code will invoke the "closed loop" mode if you give 
--wordlist with no argument. This is just a short-cut for 
--wo=$JOHN/john.pot (or in case you also use --pot=FILE it will use that 
file). I am considering this instead:

1. --wo with no argument implies a normal wordlist mode using 
$JOHN/password.list (or whatever you have configured in john.conf for 
batch mode).

2. Closed loop is invoked using --closed-loop or something. This will be 
an alias for --wo=$JOHN/john.pot (or the FILE in --pot=FILE).

Would this be better? I'm fine with the current behavior but it's not 
100% intuitive. Although it does tell you what happens:

$ ./john -mem=0 targets/test.des -wo --form:des
Loaded 743863 password hashes with 3844 different salts (Traditional DES 
[128/128 BS SSE2-16])
Remaining 597258 password hashes with 3844 different salts
Closed-loop mode: Reading candidates from $JOHN/john.pot
Supressed 177795 duplicate lines.
guesses: 0  time: 0:00:00:23 2.90% (ETA: 2012-06-12 09:39:20)  c/s: 
735448K  trying: 0a5b10c1 - 358745
Session aborted

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ