Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 5 Jun 2015 16:16:18 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: poor man's fuzzer

On Fri, Jun 05, 2015 at 01:58:50PM +0300, Solar Designer wrote:
> Also, this one:
> 
> $pomelo$$23$hash runner 2015$8333ad83e46e425872c5545741d6da105cd31ad58926e437d32247e59b26703e
> 
> consumed many gigabytes of RAM and was still growing:
> 
> solar    29203 99.7 50.7 67167428 67116292 pts/15 RN 14:52   3:33 ./john --nolog --encoding=raw --stdin --session=/dev/shm/fuzz/s-117 --format=pomelo /dev/shm/fuzz/pw-117
> 
> It's sort of expected that we don't currently have any hard memory usage
> limits in john itself, but we may want to revisit this discussion.

BTW, in the above case it's probably a bug - notice "$$" in the hash
encoding.  So probably it's improper processing of a missing number.

> Meanwhile, it is important to set a sane RLIMIT_AS when fuzzing (I forgot).

Here's how I run the script now:

(ulimit -v 2097152; time ~/j/fuzz.pl &> fuzz.log)

This is at most 2 GB per child process.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.