Date: Sat, 6 Jun 2015 11:22:15 +0300 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: poor man's fuzzer On Sat, Jun 06, 2015 at 04:04:14PM +0800, Kai Zhao wrote: > ./john --skip-self-tests --nolog --encoding=raw --stdin --session=$session > --pot=$pot --format=$f $pwfile > > I guess the $session file is just an empty file. It's a session name that is unique to this fuzz.pl child process. Without this option, all of the john processes would use the default session name, meaning they'd use john.rec for their crash recovery filename. They would then clash on trying to flock() that one shared file, so most would refuse to run and the fuzzing would be vastly incomplete. Also, I am actually passing a pathname to a file (to be created by john) under /dev/shm/fuzz. Placing those files in there, as opposed to having them on the current on-disk filesystem, speeds things up (and prolongs lifetime of the disks), assuming that /dev/shm is a tmpfs mount. BTW, your question shows that you still lack JtR usage experience, as a user. You could want to familiarize yourself with JtR usage some more. > I will test OpenCL and CUDA. Thanks. When testing OpenCL, I recommend that you pass a --dev option to choose a device other than an AMD GPU. Have it use CPUs or an NVIDIA GPU instead. The AMD driver is very fragile - it is too easy to crash the system if you fuzz john when it uses an AMD GPU (you'd sort of end up stress-testing the AMD driver, possibly more than you'd fuzz john). For example, on super you need to avoid --dev=0 and --dev=1 (which are AMD GPUs). You may use --dev=2 or --dev=3 (CPUs) or --dev=5 (NVIDIA). Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.