Date: Sat, 6 Jun 2015 11:22:15 +0300
From: Solar Designer <>
Subject: Re: poor man's fuzzer

On Sat, Jun 06, 2015 at 04:04:14PM +0800, Kai Zhao wrote:
> ./john --skip-self-tests --nolog --encoding=raw --stdin --session=$session
> --pot=$pot --format=$f $pwfile
> I guess the $session file is just an empty file.

It's a session name that is unique to this child process.
Without this option, all of the john processes would use the default
session name, meaning they'd use john.rec for their crash recovery
filename.  They would then clash on trying to flock() that one shared
file, so most would refuse to run and the fuzzing would be vastly
incomplete.  Also, I am actually passing a pathname to a file (to be
created by john) under /dev/shm/fuzz.  Placing those files in there, as
opposed to having them on the current on-disk filesystem, speeds things
up (and prolongs lifetime of the disks), assuming that /dev/shm is a
tmpfs mount.

BTW, your question shows that you still lack JtR usage experience, as a
user.  You could want to familiarize yourself with JtR usage some more.

> I will test OpenCL and CUDA.

Thanks.  When testing OpenCL, I recommend that you pass a --dev option
to choose a device other than an AMD GPU.  Have it use CPUs or an NVIDIA
GPU instead.  The AMD driver is very fragile - it is too easy to crash
the system if you fuzz john when it uses an AMD GPU (you'd sort of end
up stress-testing the AMD driver, possibly more than you'd fuzz john).
For example, on super you need to avoid --dev=0 and --dev=1 (which are
AMD GPUs).  You may use --dev=2 or --dev=3 (CPUs) or --dev=5 (NVIDIA).
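Added example, not part of the original message or of the fuzzer script discussed in the thread: a small Python simulation of the lock clash described above, showing that children sharing the default session name contend for one `.rec` file while children with unique session names all start. The helper names, the `child<N>` naming scheme and the per-child `.pot` path are assumptions made for illustration; separate open file descriptions in one process stand in for separate john processes, which flock() treats the same way.

```python
import fcntl
import os
import tempfile

def try_lock(rec_path):
    """Take a non-blocking exclusive flock(); return the fd, or None if held elsewhere."""
    fd = os.open(rec_path, os.O_RDWR | os.O_CREAT, 0o600)
    try:
        fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
    except BlockingIOError:
        os.close(fd)
        return None
    return fd

def children_that_start(workdir, n, unique_sessions):
    """Count simulated children that obtain the lock on their crash recovery file."""
    held = []
    for i in range(n):
        # Without --session every child falls back to the default name, i.e. john.rec.
        session = f"child{i}" if unique_sessions else "john"
        fd = try_lock(os.path.join(workdir, session + ".rec"))
        if fd is not None:
            held.append(fd)  # keep the lock held, as a running child would
    for fd in held:
        os.close(fd)
    return len(held)

def child_argv(workdir, i, fmt, pwfile):
    """Command line quoted in the thread, with per-child paths (assumed layout)."""
    base = os.path.join(workdir, f"child{i}")
    return ["./john", "--skip-self-tests", "--nolog", "--encoding=raw", "--stdin",
            f"--session={base}", f"--pot={base}.pot", f"--format={fmt}", pwfile]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print("shared session: ", children_that_start(d, 4, False), "of 4 start")
        print("unique sessions:", children_that_start(d, 4, True), "of 4 start")
    # Constructed sample values: format name and password file are placeholders.
    print(" ".join(child_argv("/dev/shm/fuzz", 0, "md5crypt", "pwfile")))
```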

