Date: Sun, 24 Apr 2011 23:08:58 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: "SSH private keys cracker" patch for JtR [first cut for GSoC] Hi Dhiru, Thank you for posting these draft revisions of the code. You're doing this just right! (I mean the frequency of these updates.) I haven't tested this yet (sorry!), but I am going to start to impose some quality requirements (I think it's time). Please see below: On Thu, Apr 21, 2011 at 03:25:23PM -0700, Dhiru Kholia wrote: > Thanks for the review, magnum. A new version of the patch, which > stores the entire "ssh key file" in john.pot is attached. > > Usage: > > 1. Create a text file (called keys.txt) containing filename(s) of the > SSH private key(s) to be cracked. > 2. Run unssh as "unssh keys.txt sshdump". The "unssh" program must not directly write into any files. Other un* programs don't ("unique" is an exception, but it has a reason for that and it uses O_EXCL). Someone might run "unssh key1 key2" and have their second key file overwritten (oops). Instead, it should print to stdout. Typical usage would be: unssh .ssh/id_rsa > sshdump or: unssh .ssh/id_[rd]sa* > sshdump (and you don't need any filename globbing in your code - the shell will take care of that for you). You also don't need a file with a list of filenames - you pass those filenames via the command line. > 3. Run JtR as "john -format=ssh sshdump". Looks fine. The format should be autodetected due to the "$ssh$" marks, though. > Bugs: > > 1. "john -format=ssh --show sshdump" doesn't work currently. This will need to be fixed. Why doesn't it work? If you do everything right elsewhere, it should just work, with no effort on your part. > 2. gecos handling looks hacky :-). I haven't reviewed your code closely enough nor tested it yet, so I can't comment on this yet. More quality requirements: Please license your code such that it's usable (both by end users and by others working on JtR): http://openwall.info/wiki/john/licensing Please start to use the proper source code style. The coding style of the official JtR roughly matches these "indent" program options: indent -kr -i8 -nlp -nbbo -l79 -lc79 (these are given in Owl/doc/CONVENTIONS). Please start to upload these patches to the wiki, to the patches page or to the non-hashes page (your choice). Also continue to announce them in here. When you have substantially-improved "stable" versions, then also announce those on john-users. Thanks, Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.