Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 22 Jun 2015 23:06:16 -0400
From: Mathieu Laprise <mathlaprise@...il.com>
To: john-dev@...ts.openwall.com
Subject: Mathieu's weekly report #8

Accomplishment :
- I followed up the discussion with the users about the platforms we should
support for Johnny release. We got requests for OS X Leopard 10.5 and also
rhel 6 distros RHEL6 /CentOS 6 / Scientific Linux 6.
- So, this gave progress on the other important discussion about which Qt
minimum version should we require ? So, this discussion leads to support
source building for rhel 6 linux which means QT4.6.2
- Following this, I started working on qt 4.6.2 support which can be found
in this PR https://github.com/shinnok/johnny/pull/30 and also in this
https://github.com/math07/johnny/commit/8150ee018b96074481dcba8faa3d984a6580f8dc
I tested johnny now on centOS 6 with qt 4.6.2 and it is working.
- I found and fixed some issues such as
https://github.com/shinnok/johnny/issues/31 ,
https://github.com/shinnok/johnny/issues/32,
https://github.com/shinnok/johnny/issues/33 , the translation bug with ...
in the list widget tabs when dynamically translating from small words to
bigger words  etc...
- I finished the feature multiple session management. Here is the
description of the implementation as I said in another thread :

> As for the summary of multiple session management, all features that we
> talked about are there as of today. Each session is automatically saved by
> the date and time of the attack. The user can see them in the list and
> there is a tooltip showing the file name. The list can be cleared. At
> first, for session history, I saved one .johnny file per session like
> Aleksey did in 2012. I read all files(.johnny and .rec) in the johnny
> folder. But then, you told me that you would prefer storing sessions via
> QSettings. So, I reimplemented it with QSettings and groups. The group is
> "johnSessions" and each subgroup is the name of the session (ex :
> johnSession/08-06-15_21:03). After that, I implemented the saving of UI
> settings so you can access all the keys from that subgroups(ex:mode etc..).
> I adapted the method that read the UI to make the QStringList of john
> parameter to also save the UI to QSettings.After that, the method
> MainWindow::restoreSessionUI(const QString& sessionName) restore
> everything easily like that :
> m_settings.beginGroup("johnSessions/" + sessionName);
> QString format = m_settings.value("formatJohn").toString();
>
Priorities:
- There is something weird going out with already cracked password not
showing up in the tableview(for example this issue :
https://github.com/shinnok/johnny/issues/22), but also probably others so I
want to find and fix all callJohnShow stuff to have a coherent UI.
-  I adressed Shinok's comment regarding the latest PRs so we should merge
it in master tuesday. I think that our plan is to feature freeze johnny
this week, only push some bugfixes to master and make .dmg for OS X and an
installer for windows like thursday ? After that, make a discussion on the
list to gather feedback. Maybe it'll change our plan for after
release(starting june 29th)
- Shinnok, will we make .rpm, .deb and generic tarball like Aleksey did in
2012? I'm not sure about this one since I recall that you said that you
want to let distro maintainers take care of that.
Questions regarding further sprints:
- What's our plan for week of june 29th, do we still continue with those
points or do we change priorities(like JohnSession refactoring or other
stuff) ?

   1. Ability to select/deselect individual hashes from being handled in a
   cracking session(maybe via a simple checkbox to each row?)
   2. Search/Filter inside the Passwords tab table view

The first point is pretty clear, but for #2, maybe I could start a
discussion this week about which search fields and filter categories people
would like. Shinnok, did you have already some in mind ? In my mind, I have
show cracked only or show uncracked only hashes. Also, filter by hash type
for jumbo only because it offers --show=types and I implemented
HashTypeChecker class in johnny in a previous sprint.

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ