Date: Wed, 08 Oct 2014 09:58:27 +0300 From: Shinnok <admin@...nnok.com> To: john-dev@...ts.openwall.com Subject: [RFC] Johnny further development proposal Hi list, My current plan for Johnny as promised. I should probably add this to some Wiki page, not sure if I still have access there. Comma's added where I really need suggestions/feedback from you guys. Immediate tasks: 1. Upgrade to Qt 5 2. Fix any outstanding bugs or crashes (crash on exit while john is running, pause not working, etc..) 4. Support for OS X and distribution package (DMG package, should probably include JtR) 5. Ui improvements (hide progress bar when not needed, better sidebar navigation, proper layout constraints so that UI elements look nice, e.g. the button's in the Settings page are a mile long, etc..) 6. Windows support and distribution package either: a) .msi if it makes sense, will have to include JtR since I don't think there is one for it b) just .zip package would do 7. Make proper .deb package for Linux with CONTROL file that specifies: a) ARCH b) Qt dep c) JtR dep d) app description Maybe Kali have done that properly for their package so we could use that as a reference. 8. The progressbar doesn't really say much currently. Percentage of cracked password could just as well be shown as numbers. Maybe we should switch the progress bar to showing either: a) how much till cracking completion (if JtR can estimate that, per cracking mode type would be fine too) b) ?? 9. Manual plain-text probing for individual hashes 10. Hash type suggestion/guessing for individual hashes 11. Critical JtR integrations Things for later: 1. Further JtR integration (need suggestions) 2. JtR pro integration Things for way later: 3. Support multiple cracking sessions, not sure if this can be done now by just running multiple Johnny apps. The best option would be multiple tabs, but if multiple apps would work just as fine I'd be contempt with just that for now. 4. Remote cracking sessions, most people that are going to do heavy usage of JtR like a "pro" are not going to crack on the everyday machine where they run Johnny too, but on remote always on headless power beasts, so a cool feature would be for Johnny to be able to tap(securely) on such remote sessions from a remote PC. This needs to be researched and discussed on the lists before anything can be done. What I think the easiest option would be to be able to use ssh pipes to either direct JtR ttys or some log file(no interactivity for this option). Separate watcher daemon is another more complex alternative. 5. Translation support? 6. Dictionary editing and generation based on interactive rule sets? 7. Post-cracking statistics regarding the frequency of passwords, characters and lengths, would be nice. Provided in the statistics pane. Goals to keep in mind for the future: 1. Maintain default operating system UI looks, until otherwise needed. 2. Simplicity over complexity. 3. The UI needs to give people reasons to use it, otherwise they'll just skip it.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ