Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 2 Jul 2013 09:46:36 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Regular Expression mode for JtR

On 27 Jun, 2013, at 22:45 , Jan Starke <jan.starke@...ofbed.org> wrote:
> The mode depends on the rexgen library, which is available on http://code.google.com/p/rexgen
> 
> Attached you find my first attempt, which seems to be working. The cool features such as resume or fork are not implemented yet, but I will do this as far as I'm on the correct way. Could you please spend some minutes to have a look at my code and highlight mistakes of mine.
> 
> Unfortunately, I had to change some JtR code to make it compilable with a c++ compiler (formats.h), because I knew no other way of solving the issue ("private" is a c++ keyword). Maybe you find some other drawbacks in my code and hopefully better alternatives :-)

Like Solar suggested, you should rewrite the mode in C. This way the "private" issue is solved too without changing core files. We do have a few other C++ files in Jumbo but they are considered issues needing to be fixed.

Also, I think you should rebase your patch on the bleeding-jumbo branch of GitHub and (after that) use a value for FLG_REGEX_CHK of 0x0000080000000000ULL (or whatever is the first unused of the upper 32-bits at the time).

After that, and after you add resume and node/fork support, I'll be delighted to add your mode to Jumbo.

I did test your current C++ version rebased on bleeding-jumbo, after fixing some minor issues. I enclose the resulting patch (it includes your patch and applies on top of current bleeding). For some reason, I see debug output "adding codepoint" when using ranges:

$ ../run/john -stdout -regex=ab[a-b]
Press 'q' or Ctrl-C to abort, almost any other key for status
adding codepoint 61
adding codepoint 62
aba
abb
2p 0:00:00:00 14.28p/s abb

Is that something I should turn off when building the library?

magnum


Download attachment "0001-First-version-of-regex-mode.patch" of type "application/octet-stream" (20999 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ