Date: Sat, 07 Mar 2015 19:41:00 +0300 From: Alexander Cherepanov <ch3root@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: Any advice on how to fuzz john jumbo by AFL On 2015-03-07 18:48, Frank Dittrich wrote: > On 03/07/2015 03:59 PM, Kai Zhao wrote: >> Would you please show me the Alexander's fuzzing scripts? Thank you. > > Openwall's archive stripped the attachments, and gmane doesn't have that > mail at all. Found in one of your bug reports:-) : http://article.gmane.org/gmane.comp.security.openwall.john.devel/8105 > But here is a version which includes the scripts. > > https://marc.info/?l=john-dev&m=136719502025109 > > > What Alexander's scripts do is: The scripts are very simple but they were quite effective to point out many basic problems (like missing valid()s). After such problems are fixed, more advanced fuzzer (like afl) is going to uncover many other issues. > First, grep the source code for all samples of hashes, and redirect into > a file. > > Instead of grepping the source I used Thanks for describing it. Perhaps I missed it earlier. > ./john --list=format-tests ... | cut -f 3 > ... And implemented --list=format-tests... Thanks for this! -- Alexander Cherepanov
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.