Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 06 May 2015 23:57:11 +0200
From: Frank Dittrich <>
Subject: Re: Session names somename.[0-9]+ shouldn't be allowed

On 05/06/2015 08:26 PM, Solar Designer wrote:
> On Wed, May 06, 2015 at 06:21:14PM +0200, Frank Dittrich wrote:
>> On 05/06/2015 05:58 PM, Solar Designer wrote:
>>> "Disallow session names with dots since these clash with those produced by
>>> --fork.  Suggested by Frank Dittrich."
>> You don't even allow --session=test.md5crypt anymore.
> Yes.  I'd rather not.  Let's keep the dot reserved for filename suffixes
> added by John.

Even worse, this breaks the JtR test suite.
The test suite is located in a test subdir at the same level as run and src.

(bleeding-jumbo)run $ cd ../test/
(master)test $ ./ -type cisco8 -v -stoponerror
- JtR-TestSuite (jtrts). Version 1.13, Dec 21, 2014.  By, Jim Fougeron &
- Testing:  John the Ripper password cracker, version [linux-gnu 64-bit AVX-autoconf]

John Jumbo build detected.
--pot=NAME option is valid
--encoding=NAME option is valid
all.chr (../run/all.chr) not found
alnum.chr found, inc_alnum_ee8763c850dee8e4b88ef547a8ed39b8 added as a
Types to filter on:
Capabilities in this build of john:
jumbo core inc local_pot_valid encode_valid utf8 cp1252 cp1251 koi8r
cp437 cp737 cp850 cp858 cp866 iso8859-1 iso8859-15

form=cisco8                       guesses:    0 -show=   0 unk unk :
Expected count(s) (1500)  [!!!FAILED2!!! exited, return code 1]
Exiting on error. The .pot file ./tst.pot contains the found data
The command used to run this test was:

../run/john -ses=./tst  -pot=./tst.pot
--wordlist=pw-70.dic -form=pbkdf2-hmac-sha256
(master)test $ ../run/john -ses=./tst  -pot=./tst.pot
--wordlist=pw-70.dic -form=pbkdf2-hmac-sha256
Invalid session name: must not contain a dot

In this case, uses --session=./tst to make sure the .rec and
.log files remain in the test subdir, even if the john binary is located
in ../run/.

So, dots in the path name should be allowed.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.