Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 6 Jul 2015 21:02:09 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: more robustness

Hi Alexander,

> No, that's not the only aspect in which it differs from actual cracking.
> As I wrote above, "--test performs only very basic testing, hashing one
> password at a time (albeit in different key indices)".

To test all the keys at a time and incorrect passwords, I create a patch.


https://github.com/loverszhaokai/JohnTheRipper/commit/2c982ca92c7e9e558b91f95b57aa7368135f88ca

The fmt_self_test_body_full() function is based on the oldest formats.c

https://github.com/magnumripper/JohnTheRipper/blob/ad53c2d713c71388384c12e18f7063f00b010fa4/src/formats.c

There are mainly two changes:

1. Replace  format->methods.set_key(current->plaintext, index);
   with fmt_set_key_test_full(current->plaintext, max, format);
The new one will set all the keys from 0 to max_keys_per_crypt - 1,
and the first key is the right one and all the other keys are wrong.

2. Change cmp_all(), cmp_one(), cmp_exact(), since the first one
is expected right, and all the others are expected wrong.

However, there are two bugs with this patch.

1. As it is based on the old formats.c, it does not support dynamic
and some formats.

2. Some formats may emit false positives, but this patch considers
all the false positives are wrong.


Thanks,

Kai

[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ