Date: Fri, 5 Jun 2015 16:16:18 +0300 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: poor man's fuzzer On Fri, Jun 05, 2015 at 01:58:50PM +0300, Solar Designer wrote: > Also, this one: > > $pomelo$$23$hash runner 2015$8333ad83e46e425872c5545741d6da105cd31ad58926e437d32247e59b26703e > > consumed many gigabytes of RAM and was still growing: > > solar 29203 99.7 50.7 67167428 67116292 pts/15 RN 14:52 3:33 ./john --nolog --encoding=raw --stdin --session=/dev/shm/fuzz/s-117 --format=pomelo /dev/shm/fuzz/pw-117 > > It's sort of expected that we don't currently have any hard memory usage > limits in john itself, but we may want to revisit this discussion. BTW, in the above case it's probably a bug - notice "$$" in the hash encoding. So probably it's improper processing of a missing number. > Meanwhile, it is important to set a sane RLIMIT_AS when fuzzing (I forgot). Here's how I run the script now: (ulimit -v 2097152; time ~/j/fuzz.pl &> fuzz.log) This is at most 2 GB per child process. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.