Date: Tue, 17 Mar 2015 07:58:34 +0300 From: Solar Designer <solar@...nwall.com> To: Shinnok <admin@...nnok.com> Cc: john-dev@...ts.openwall.com Subject: Re: [RFC] Johnny further development proposal Hi Shinnok, I'm sorry I didn't comment sooner. This looks like a good proposal draft to me. Are you by any chance GSoC eligible (still or again)? If so, you're welcome to apply this year. Thanks, Alexander On Wed, Oct 08, 2014 at 09:58:27AM +0300, Shinnok wrote: > Hi list, > > My current plan for Johnny as promised. I should probably add this to > some Wiki page, not sure if I still have access there. Comma's added > where I really need suggestions/feedback from you guys. > > Immediate tasks: > 1. Upgrade to Qt 5 > 2. Fix any outstanding bugs or crashes (crash on exit while john is > running, pause not working, etc..) > 4. Support for OS X and distribution package (DMG package, should > probably include JtR) > 5. Ui improvements (hide progress bar when not needed, better sidebar > navigation, proper layout constraints so that UI elements look nice, > e.g. the button's in the Settings page are a mile long, etc..) > 6. Windows support and distribution package either: > a) .msi if it makes sense, will have to include JtR since I don't > think there is one for it > b) just .zip package would do > 7. Make proper .deb package for Linux with CONTROL file that specifies: > a) ARCH > b) Qt dep > c) JtR dep > d) app description > Maybe Kali have done that properly for their package so we could use > that as a reference. > > 8. The progressbar doesn't really say much currently. Percentage of > cracked password could just as well be shown as numbers. Maybe we should > switch the progress bar to showing either: > a) how much till cracking completion (if JtR can estimate that, per > cracking mode type would be fine too) > b) ?? > > 9. Manual plain-text probing for individual hashes > 10. Hash type suggestion/guessing for individual hashes > 11. Critical JtR integrations > > Things for later: > 1. Further JtR integration (need suggestions) > 2. JtR pro integration > > Things for way later: > 3. Support multiple cracking sessions, not sure if this can be done now > by just running multiple Johnny apps. The best option would be multiple > tabs, but if multiple apps would work just as fine I'd be contempt with > just that for now. > 4. Remote cracking sessions, most people that are going to do heavy > usage of JtR like a "pro" are not going to crack on the everyday machine > where they run Johnny too, but on remote always on headless power > beasts, so a cool feature would be for Johnny to be able to > tap(securely) on such remote sessions from a remote PC. This needs to be > researched and discussed on the lists before anything can be done. What > I think the easiest option would be to be able to use ssh pipes to > either direct JtR ttys or some log file(no interactivity for this > option). Separate watcher daemon is another more complex alternative. > 5. Translation support? > 6. Dictionary editing and generation based on interactive rule sets? > 7. Post-cracking statistics regarding the frequency of passwords, > characters and lengths, would be nice. Provided in the statistics pane. > > Goals to keep in mind for the future: > 1. Maintain default operating system UI looks, until otherwise needed. > 2. Simplicity over complexity. > 3. The UI needs to give people reasons to use it, otherwise they'll just > skip it.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ