Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 23 Jul 2015 11:51:09 +0300
From: Shinnok <admin@...nnok.com>
To: john-dev@...ts.openwall.com
Subject: Re: Default attack format


> On Jul 22, 2015, at 2:49 PM, Mathieu Laprise <mathlaprise@...il.com> wrote:
> 
> Thanks for your help. So Shinnok, which way do you want me to use for this task ?

Let's implement the core approach for this sprint and add a new feature issue on Github for the jumbo approach and assign to the next sprint.

For core approach, create a new JohnHandler that will run every time new password files are opened(thus a new session) and grep the output for the default attack format. Use it in the UI and elsewhere.

Use magnum's approach , `john -stdin hashfile <<< ""` , if it is the minimal overhead one.

magnum, what did you mean by:
> This has the side-effect you will never miss to crack an empty password.

As I take it, empty passwords for the default format will be already shown as cracked before the user starts an attack.

Shinnok


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ