Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 5 Dec 2012 20:44:20 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking a GPG keyring

On Tue, Dec 4, 2012 at 11:44 PM, Solar Designer <solar@...nwall.com> wrote:
> On Tue, Dec 04, 2012 at 05:54:04PM +0100, magnum wrote:
>> On 4 Dec, 2012, at 12:42 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>> > This rejection should be done in format's valid method. However, I
>> > have been lazy in doing it so far :(
>>
>> In cases like this it's *really* important that it gets rejected somewhere in the chain (could be in gpg2john as well, or even as an assertion in in get_salt() but that is a crude solution for no reason) and IMHO you should place it in, well, the top line of your to-do list. Imagine someone spending literally months with 96 CPU cores just to find out your format gladly and silently accepted input that it simply can not crack.
>
> I'm with magnum on this.  Implementing proper valid() functions for all
> of your formats should be your first priority now.  It is a higher
> priority task than adding more formats.

I agree. This problem is now fixed.

✗ ../run/john -fo:gpg-opencl unsupported-but-valid-hash
[-] gpg-opencl only supports cracking keys using SHA1 based s2k
No password hashes loaded (see FAQ)

I will start implementing proper valid function in my other formats soon.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.