Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 7 Aug 2012 11:29:22 +0400
From: Aleksey Cherepanov <aleksey.4erepanov@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: johnny: how to handle sessions?

On Mon, Aug 06, 2012 at 11:54:17PM +0200, Frank Dittrich wrote:
> On 08/06/2012 09:28 PM, Aleksey Cherepanov wrote:
> > Johnny could not restore arbitrary .rec because .rec contains relative
> > paths and we do not know current dir at time of creation of .rec
> > file. I'd say we could assume that file is not moved and we could
> > subtract path to session file stored in .rec and real path to session
> > file but this does not work in case of --session=../name .
> 
> You could convert the session name as well as each user-supplied file
> name specified (wordlist file name, file name with password hashes) into
> an absolute name, and run
> 
> /path/to/john /home/user/<subdir>/pw
> --session=/home/user/<another_subdir/session-name
> --wordlist=/home/user/<dir>/wordlistfile
> 
> This should work, shouldn't it?

Inside Johnny it should work. Though it does not seem to be a big
problem to make Johnny to support sessions created in Johnny.

Problem is with sessions from regular john. Though we could use
wrapper that alters john's behaviour to be compatible with johnny. But
it does not help with old sessions and sessions created by mistake
without wrapper.

Thanks!

-- 
Regards,
Aleksey Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ