Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 18 Jun 2012 19:17:01 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Reduced binary size

On 06/18/2012 09:47 AM, magnum wrote:
> Obviously, get_source() will not be safe if we use a reduced (32 bits)
> binary. We might produce false positives, as we never really compare
> with the full original binary. These false positives will be "reset"
> (hashes will be regarded as remaining) on next run/resume of the hash,
> as the john.pot hash will not match the ciphertext. But it's still not
> acceptable. I see no way other than making these techniques mutually
> exclusive, unless someone has a clever solution (theoretically,
> get_source could re-read the original source from its file).

If you are going to retrieve the original hash from the file, this needs
to be documented somewhere.
Because currently, you can use

$ killall -s 1 john
$ ./john --show=LEFT input > input2
$ mv input2 input

and this will not cause any problem.
If those sessions that keep running access the changed input file to get
the original hash, this can cause all sorts of trouble.

Frank

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ