Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 7 May 2015 20:23:24 +0300
From: Shinnok <>
Subject: Re: Session names somename.[0-9]+ shouldn't be allowed

> On May 7, 2015, at 8:04 PM, Mathieu Laprise <> wrote:
> On Thu, May 7, 2015 at 12:45 PM, Shinnok < <>> wrote:
> I agree. I was more hinting Mathieu at the fact that we should use <> to figure out where to store Johnny's stuff cross-platform.
> Weather that'd be just .ini settings or include sessions too remains to be decided as a result of this thread.
> Yes, I'll keep an eye on this thread to modify Johnny if it is decided to not permit dot.
> PS : This doc page is a good reference for further uses. Right now we use QDir::home() (same as QStandardPaths::HomeLocation) + /.john/.

On a second thought, we can fix this properly right now.

     // We create folder for us in home dir if it does not exist.
    // TODO: Are this checks are enough?
    // TODO: Claim on mkdir fails.
    // TODO: Do not do it on start up. Choose other good time.
    if (!QDir(QDir::home().filePath(".john")).exists()) {
    if (!QDir(QDir(QDir::home().filePath(".john")).filePath("johnny")).exists()) {

    // Session for johnny
    m_session = QDir(

Rewrite the above to the following:
1. Use QStandardPaths::writableLocation() for application data, store the .conf there
2. Export $JOHN to the previous path + "/sessions/" in JohnProcess. You already know how to do that.
3. Use only "johnny_default" for  m_session;

Is there reason to suspect that this won't suffice for pre and post core patch? Also this paves some of the ground work for the multi-session task.

BTW, is JtR cli ever supposed to use ~/.john, I can't find references?


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.