Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Dec 2005 06:08:13 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: john improvement suggestions

On Tue, Dec 20, 2005 at 09:21:21PM +0100, Frank Dittrich wrote:
> I would, however, be interested to know which rule
> cracked a password.

I see no way to implement that without a performance impact because:

> (For algorithms with MAX_KEYS_PER_CRYPT > 1, sometimes
> the new rule/incremental mode entry gets logged before
> all the previously generated passwords have been tried,
> even if the old rule/incremental mode entry generated
> the right password.)

I would have to tag each buffered candidate password with its source
rule/entry.  Such tagging would have to be done _before_ it is known
whether there is a guess, so it would be extra work and extra L1 data
cache "consumption".

> >I'd like to see some way to increase the benchmarking time to
> >get more coherent/stable/exact figures.
> 
> Another config option;)

I don't think it needs to be a runtime option.

> >Optimize regexp expansion order [a-z] according to some
> >general/usage statistics.
> 
> This will be hard to do, since usage statistics depend at least on
> -language preferences
> -password rules
> 
> You can optimize manually, e.g. by specifying [enftisala-z] instead
> of [a-z].

I agree with this.

> >- When there are psw. hashes cracked in session, does john skip cracking 
> >them immediatelly? Or is there a session reload needed?
> 
> Additional question: is it possible to send a signal to other
> currently running john instances, to let them re-read john.pot?

This is not currently supported, although it might be not too hard to
implement.  Added to TODO for further consideration (post-1.7).

John already supports SIGHUP - it updates john.pot, the .rec file, and
the log file when it receives that signal.

Thanks,

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ