Date: Fri, 05 Jun 2015 19:57:11 +0200 From: Frank Dittrich <frank.dittrich@...lbox.org> To: john-dev@...ts.openwall.com Subject: Re: poor man's fuzzer On 06/05/2015 03:16 PM, Solar Designer wrote: > On Fri, Jun 05, 2015 at 01:58:50PM +0300, Solar Designer wrote: >> Also, this one: >> >> $pomelo$$23$hash runner 2015$8333ad83e46e425872c5545741d6da105cd31ad58926e437d32247e59b26703e >> >> consumed many gigabytes of RAM and was still growing: >> >> solar 29203 99.7 50.7 67167428 67116292 pts/15 RN 14:52 3:33 ./john --nolog --encoding=raw --stdin --session=/dev/shm/fuzz/s-117 --format=pomelo /dev/shm/fuzz/pw-117 >> >> It's sort of expected that we don't currently have any hard memory usage >> limits in john itself, but we may want to revisit this discussion. > > BTW, in the above case it's probably a bug - notice "$$" in the hash > encoding. So probably it's improper processing of a missing number. POMELO also has some endianness problems, see https://github.com/magnumripper/JohnTheRipper/issues/1345 We hoped thet the Q&D implementation would at some point get replaced by Agnieszka's implementation. That's why nobody bothered to spend much time trying to fix bugs in an implementation which will not last. Frank
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.