Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 4 Apr 2013 02:19:49 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Python port of dmg2john utility

On 3 Apr, 2013, at 22:13 , Solar Designer <solar@...nwall.com> wrote:
> On Wed, Apr 03, 2013 at 09:27:36PM +0200, magnum wrote:
>> On 3 Apr, 2013, at 19:29 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>>> I am attaching Python port of dmg2john utility for review.
>>> 
>>> If everything seems to be OK, I will open a pull request.
>> 
>> I suppose you had reasons so I'm fine with that, except I refuse to learn Python so I can't review it. I believe Solar would prefer things getting ported *from* python and not the other way round :-)
> 
> This started with an off-list request from me to Dhiru to develop either
> a script version of dmg2john, or a script that could provide us with
> sufficient input for a revision of dmg2john while not revealing the dmg
> file's more sensitive content.  This is to allow for usage of our tools
> to provide password recovery services (free or paid, doesn't matter).
> dmg files themselves are generally too large and too sensitive to be
> delivered to a password recovery service provider, and our C version of
> dmg2john would either need to be provided as a compiled program binary,
> or would require to be built from source by the customer (cumbersome).
> 
> I suggested that this would be a shell (with dd) or Perl script, but
> Dhiru chose Python, pointing out that OS X had Python included for very
> long.  While I would have preferred shell or Perl, I am fine with
> Dhiru's choice here, as it seems to satisfy the use case above.

Sounds reasonable. I tried it on a couple of files (a small v1 and a DVD-sized v2 that would break 32-bit limits) and it produced the exact same outputs as the C version.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ