Date: Sat, 6 Jun 2015 10:58:58 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: poor man's fuzzer

On Fri, Jun 05, 2015 at 08:13:28PM +0200, Frank Dittrich wrote:
> Alexander Cherepanov also posted a john format fuzzer some time ago
> which uncovered tons of bugs:
> http://article.gmane.org/gmane.comp.security.openwall.john.devel/8105

Yes, I knew that.  I didn't recall that he also had a script called
fuzz.pl, though.  I would have named mine differently then.

> It needs some adjustments:
> -it is no longer necessary to search the source code for hashes, this
> can be replaced with ./john --list=format-tests | cut -f 3

This is already implemented in my fuzz.pl.

> -some hashes use additional delimiters between components of hashes,
> e.g., '#' instead of just '$' and '*'.

Good point!  We need to add more overstrike characters to my fuzz.pl.
Right now, it uses '9' and '$'.

> and maybe
> -don't run each format against all the fuzzed format tests of all
> formats (at least not as long as you find bugs by just fuzzing the
> format specific hashes)

This is also already implemented in my fuzz.pl.  It keeps track of not
only test vectors, but also the corresponding format names.

Alexander
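
An added sketch (not Solar Designer's fuzz.pl and not code from this thread) of the two ideas discussed above: overstriking test vectors with delimiter characters, and keeping each mutant paired with its format name so a format is only fed its own fuzzed vectors. It assumes "overstrike" means overwriting one character in place and that the first tab-separated field of `--list=format-tests` output is the format name; the sample lines are constructed.

```python
# Added illustration; not Solar Designer's fuzz.pl.
# Assumption: "overstrike" = overwrite one character of a test vector in place.
# Assumption: `john --list=format-tests` emits tab-separated lines whose first
# field is the format name; the thread only confirms that field 3 is the hash.

# '9' and '$' are in use per the thread; '#' and '*' are the delimiters it suggests.
OVERSTRIKE = "9$#*"

# Constructed sample lines (format, test index, hash, plaintext); not real john output.
SAMPLE = (
    "demo-a\t0\t$demo$1000$73616c74$0123abcd\tpassword\n"
    "demo-b\t0\tuser#0123abcd*89ef\tsecret\n"
    "demo-b\t1\tuser#0123abcd*89ef\tsecret2\n"
)

def parse_format_tests(text):
    """Yield (format_name, hash) pairs, skipping malformed lines."""
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) >= 3 and fields[0] and fields[2]:
            yield fields[0], fields[2]

def overstrike(vector, chars=OVERSTRIKE):
    """Yield each single-character overwrite of vector that changes it."""
    for pos in range(len(vector)):
        for ch in chars:
            if vector[pos] != ch:  # overwriting with the same char is a no-op
                yield vector[:pos] + ch + vector[pos + 1:]

def build_corpus(text, chars=OVERSTRIKE):
    """Map format name -> ordered, de-duplicated mutants of its own vectors."""
    corpus = {}
    for fmt, vector in parse_format_tests(text):
        bucket = corpus.setdefault(fmt, {})
        for mutant in overstrike(vector, chars):
            bucket.setdefault(mutant, None)  # dict preserves insertion order
    return {fmt: list(bucket) for fmt, bucket in corpus.items()}

if __name__ == "__main__":
    for fmt, mutants in build_corpus(SAMPLE).items():
        # A harness would then run each format only on its own mutants
        # (john --format=NAME), rather than every format on every mutant.
        print(f"{fmt}: {len(mutants)} mutants, e.g. {mutants[0]!r}")
```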
