Date: Mon, 1 Jun 2015 18:18:34 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Kai's weekly report #5

> And you only found issues with external mode?

There is another bug that belongs to Markov mode.

https://github.com/magnumripper/JohnTheRipper/issues/1357

I did not find bugs in UserClasses, Mask, Regen_Salts_UserClasses.

> Does this mean you think you're done with fuzzing?

The fuzzing targets are these input sources:

-- input data for 2john tools
-- hashes
-- wordlists
-- rules
-- chr
-- config files (non-rules parts)
-- command line options
-- environment variables

All of the input sources have been fuzzed. But it's impossible that there is
an end to some of them. For example, command line options have nearly
infinite combinations. As the 2john tools are simple, I think the fuzzing of
2john tools is done. As for the other input sources, I think we can continue
fuzzing as we need.

> I'd expect more issues with invalid hash encodings passing valid() in
> many formats in jumbo.  I think this is worth further fuzzing, perhaps
> with greater specialization to the task.

Yes, although I have fuzzed hashes for about two weeks, I think it is worth
continuing to fuzz since there are hundreds of hashes. I will fuzz hashes in
the following several weeks.

Thanks,

Kai
