Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 12 Jun 2012 09:29:47 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Recent github patches

On 2012-06-12 00:35, magnum wrote:
> On 2012-01-27 21:45, Solar Designer wrote:
>> On Fri, Jan 27, 2012 at 09:19:19PM +0100, magnum wrote:
>>> * Experimental support for running "closed loop" - i.e. wordlist mode
>>> with a .pot file as input. We might want better dupe supression (to
>>> memory buffer), possibly reusing "unique" code. The current code only
>>> supresses consecutive dupes (just as for any wordlist file).
>>
>> In fact, I thought of optionally using the "unique" code in wordlist mode
>> regardless of where the input comes from. However, I am concerned that
>> if changes this invasive are first made in -jumbo, it will deviate from
>> the main tree's code too far. Ideally, I should find time and implement
>> this in the main tree first... but it's not something I'll have time for
>> any time soon (got other priorities, including for JtR).
>
> Until now I managed to stay away from this, but I now have a solid
> implementation that I plan to commit after optimizing and testing quite
> a bit more. It's not invasive though, it's very simple (stripped down
> pieces from unique.c) and will be trivial to back out of if/when you
> implement this in core JtR.
>
> The "closed loop mode" is curious without dupe detection, but it really
> rocks with it.

The current (git) code will invoke the "closed loop" mode if you give 
--wordlist with no argument. This is just a short-cut for 
--wo=$JOHN/john.pot (or in case you also use --pot=FILE it will use that 
file). I am considering this instead:

1. --wo with no argument implies a normal wordlist mode using 
$JOHN/password.list (or whatever you have configured in john.conf for 
batch mode).

2. Closed loop is invoked using --closed-loop or something. This will be 
an alias for --wo=$JOHN/john.pot (or the FILE in --pot=FILE).

Would this be better? I'm fine with the current behavior but it's not 
100% intuitive. Although it does tell you what happens:

$ ./john -mem=0 targets/test.des -wo --form:des
Loaded 743863 password hashes with 3844 different salts (Traditional DES 
[128/128 BS SSE2-16])
Remaining 597258 password hashes with 3844 different salts
Closed-loop mode: Reading candidates from $JOHN/john.pot
Supressed 177795 duplicate lines.
guesses: 0  time: 0:00:00:23 2.90% (ETA: 2012-06-12 09:39:20)  c/s: 
735448K  trying: 0a5b10c1 - 358745
Session aborted

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.