Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 11 Sep 2011 21:27:33 +0200
From: Pablo Fernandez <pfernandez@....org>
To: john-users@...ts.openwall.com
Subject: External filter question

Hi,

I am trying to define an external filter that works with any other mode (like 
incremental) that simply defines where to start and where to stop. This will 
basically be a filter that creates a "block" in the password-space (for 
distributed processing)

I came down to this:

[List.External:Block]

int min, max, max_secure, min_secure;   // Search margins
int number;                             // Current word number

void init()
{
        min = 10000; 
        max = 11000;            
        number = 0;
        min_secure = min - 2;           // To compensate the first auto-
increment, and starting from 1.
        max_secure = max + 2;           //   that it starts with 0 and not 1, 
}

void filter()
{
        if (number++ < min_secure) { word = 0; return; }  // Advance until the 
first word
        if (number > max_secure) { word = 1 / 0;}  // Force to fail, with a 
small margin
}




So, there is no generate() on purpose, to make it compatible with the 
incremental mode. This basically runs John between the password number 10000 
and 11000, and at that point it forces a sw trap: divide by zero, forcing an 
exit. This is the expected behavior.

BUT I am having problems, probably related to the way the system flushes the IO 
buffers. This is not an "elegant" way to exit john, and it turns out that, if I 
find a password match in the last seconds before the fault, it does not write 
it to john.pot, hence losing it.

I would like to solve this, two questions arise:
- Is there a more elegant way to exit John from the filter() section? I was 
looking at John's code and I could not find an easy way out, seems to be 
possible only with generate().
- Or maybe, is there anything I can do to force John to flush the IO buffer 
before doing the word=1/0 operation?
- I also thought that I could do a sig_kill from outside, but from there I 
don't know when John finished processing the block that I want it to perform.

Any help would be very appreciated.

Thanks,
Pablo

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.