Date: Thu, 23 Apr 2015 22:45:26 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Advice on proposal: John the Ripper jumbo robustness

> Let's see where the next bottleneck is.

I have tried for 3 days to find the next bottleneck. There are two ways I have
tried; both of them speed it up a little, by about dozens of
exec/sec:

1. Remove the useless source code to make the size of john smaller

2. Remove the useless functions in john.c

Finally, I found that the key to fuzzing the valid() function is this line:

ldr_load_pw_file(&database, current->data);

We init john by registering fmts, reading configs, and so on; after the
init is done, we run the ldr_load_pw_file() function, which validates the hash.
It takes some time from the start of john to reach the function
ldr_load_pw_file(), and we repeat it in every case, so it wastes a lot of
time.

I think a better way is to init only once and use fork to copy the
process to a child. The child only needs to run ldr_load_pw_file().

AFL has come up with this idea as 'the fork server'; more details below:

http://lcamtuf.blogspot.com/2014/10/fuzzing-binaries-without-execve.html

I think we should customize AFL to init only once. Do you agree with this idea?


Thanks,

Kai
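The fork-server pattern proposed in the message above, shown as an added example that is not part of the original post and not John the Ripper's or AFL's code. The expensive one-time initialisation is done once in the parent; each test input is then handled by a forked child that runs only the validation step and reports its verdict through its exit status. fake_valid(), init_once() and the "CRASH:" sentinel are constructed stand-ins for ldr_load_pw_file() and John's startup work; the point they illustrate is that init runs once, while a crash in a child is isolated and detected by the parent instead of killing the whole loop.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Number of times the expensive init ran; the fork server should keep this at 1. */
static int init_count = 0;

/* Stand-in for John's startup (format registration, config reading). Constructed:
   it only records that it ran, so a child inherits the finished state via fork(). */
void init_once(void) {
    if (init_count == 0) {
        init_count++;
    }
}

int init_calls(void) { return init_count; }

/* Hypothetical stand-in for ldr_load_pw_file()'s validation: a line is "valid"
   when it looks like user:hash with a non-empty user and hash. The "CRASH:"
   prefix simulates a parser bug so the example can show crash isolation. */
int fake_valid(const char *line) {
    if (strncmp(line, "CRASH:", 6) == 0) {
        abort();                      /* simulated bug; only ever runs in a child */
    }
    const char *colon = strchr(line, ':');
    return colon != NULL && colon != line && colon[1] != '\0';
}

/* One fuzz case: fork, let the child validate, and translate the child's fate
   into a return code: 0 valid, 1 invalid, 2 crashed (signal), -1 harness error. */
int run_case_forked(const char *line) {
    pid_t pid = fork();
    if (pid < 0) {
        return -1;
    }
    if (pid == 0) {
        _exit(fake_valid(line) ? 0 : 1);   /* _exit: skip stdio flush in the child */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) {
        return -1;
    }
    if (WIFSIGNALED(status)) {
        return 2;                          /* the child died; this is the fuzzer's signal */
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Drive all inputs after a single init; returns how many were judged valid. */
int count_valid_forked(const char *const *lines, size_t n) {
    init_once();
    int valid = 0;
    for (size_t i = 0; i < n; i++) {
        if (run_case_forked(lines[i]) == 0) {
            valid++;
        }
    }
    return valid;
}

int main(void) {
    /* Constructed sample inputs, not real John hashes. */
    static const char *const cases[] = {
        "alice:5f4dcc3b", ":nohash", "bob:", "carol:abc", "CRASH:anything"
    };
    int valid = count_valid_forked(cases, sizeof cases / sizeof cases[0]);
    printf("%d valid, init ran %d time(s)\n", valid, init_calls());
    return 0;
}
```

Running it prints "2 valid, init ran 1 time(s)": the crashing input is reported by run_case_forked() as a signal death (return 2) and the parent continues with the next case, which is exactly the property that makes a fork server useful for fuzzing a parser without paying the startup cost every time.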

