Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 16 Dec 2012 20:11:50 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Run-time change of a format's max length

On 14 Dec, 2012, at 3:23 , magnum <john.magnum@...hmail.com> wrote:
> On 13 Dec, 2012, at 2:30 , Solar Designer <solar@...nwall.com> wrote:
>> On Thu, Dec 13, 2012 at 02:20:10AM +0100, magnum wrote:
>>> On 13 Dec, 2012, at 1:15 , Solar Designer <solar@...nwall.com> wrote:
>>>> Shouldn't this option be called --max-length instead, and we'd have
>>>> --min-length too?
>>> 
>>> That has crossed my mind too, I should change it.
>> 
>> Yes, please.  They're called that way on my to-do list. ;-)
>> 
>>> This would let us run incremental with a length range without having to define a temporary in john.conf. Is there any other use of min lengths? Markov mode perhaps.
>> 
>> For example, excluding too short passwords with a wordlist run, assuming
>> that those are (to be) searched exhaustively with incremental mode.
> 
> All the above are done & committed now, except Wordlist and Single mode. Two new variables were added to External: req_minlen and req_maxlen and these are now used in most External modes in john.conf (still together with cipher_limit). Markov and Incremental work fine. A couple of things are now obsolete or redundant:
> 
> * The various length-variants of Incremental, eg. All7. This can now be specified at will, without hacking john.conf.
> * The various length-variants of External:Double.
> * The length-range given with the --markov=OPTIONS blob. They can co-exist but if both are given we should bail out with error.
> 
> This obviously needs some regression testing but everything seems to work fine and it's not that intrusive. I love this patch.

More patches has been committed, tweaking wordlist with or without rules. --max-length now skips rather than truncates. Wordlist mode will skip words at buffer load already, if that is in use.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ