Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 5 Apr 2015 13:19:19 +0300
From: Aleksey Cherepanov <>
To: Shinnok <>
Subject: Re: [RFC] Johnny further development proposal


On Thu, Mar 26, 2015 at 05:09:21PM +0200, Shinnok wrote:

I have some comments:

1.2 #2: crash on exit while john is running

I guess it was fixed in release branch. Though master was behind the
release branch. I merged release into master. So johnny should not
crash now. If it crashes please report your example.

 4. Add tooltips to all UI actions that are not very self explanatory
    to a new comer

I like the idea of context help.

Though tooltips are not very attractive for me. I like the way some
program showed help: there is a region of screen for help, when you
navigate mouse to some element the corresponding help is shown in the
region immediately (though it has drawback: you can't use mouse on
other element following the help, it disappears, so the text should be
designed well). I think the program was VirtualBox, though at the
moment I don't see such ui element there...

1.4 #1 proper threading

I've dropped code for threading, there is no explicit threading now.
Threading makes things complex. I think threading that I dropped did
not provide the speed because the bottleneck was adding to the grid
that could not be done in thread. So I just made the adding fast
enough using hash table to map hashes into lines of grids.

 1. Hash type suggestion/guessing for individual hashes (which is the
    best way? do we have any support from JtR jumbo with that)

Jumbo suggests possible other formats when the cracking is started.
Though it suggest only for the whole pack (actually by the type of the
first hash I think), not for the individual hashes. I think it is
needed to implement separate option to show types for each hashes,
probably not starting attack.

 1. Manual plain-text user probing for individual ciphers(manual

It should not be hard to pass words from users to john (through file
or through pipe). Though showing of the result hash is the other
story. Also attack against individual hash (1.8 #2) is a separate task
too (and user should be warned about not salted hashes that are very
cheap try all at once; maybe for not salted hashes, it should be
deprecated at all).

 1. Dictionary editing and generation based on interactive rule sets?

More details please.

 2. Ability to select/deselect individual hashes from being handled
    from a s

It looks unfinished. I wrote some ideas in 1.6 #1.

 1. Note: First stable release.

BTW current release may be viewed as stable. Though it does not
support jumbo. And some things from core like unshadow.

 1. Post-cracking statistics regarding the frequency of passwords,
    characters and lengths, would be nice. Provided in a new
    statistics pane.

There are Free and Open Source Software tools to perform analysis
using cli. We may integrate some of them.

Nice plan. Thanks!

Aleksey Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.