Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <BLU0-SMTP8386C42326EDA2AB7B464EFDD00@phx.gbl>
Date: Thu, 12 Jul 2012 12:01:28 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Re: Aleksey's status report #12

On 07/10/2012 04:09 PM, Aleksey Cherepanov wrote:
> On Tue, Jul 10, 2012 at 06:04:58PM +0400, Aleksey Cherepanov wrote:
>> The scripts are attached. They are small. Very soon I will fix most
>> todos.


I just looked more closely at your t.pl script.

If I understand that correctly, you want to copy all the files needed
for a particular attack into a subdirectory (named like the attack) in
the "store", which is a directory on the client side.

I'm afraid that's not really practical.
Users can have huge word list files like rockyou.txt,
facebook-names.txt, or even a collection of all words from a wikipedia dump.
If you always copy these files for every new attack (cracking a set of
hashes of a different fast and saltless format, or trying rules from
another [List.Rules:...] section, this will not only take time, the user
might also soon run out of disk space.

Another problem is your "short test run".
You should verify if the command line parameters really describe an
attack, before you do git add ..., git commit ..., git push ...
What is a short test run? For GPU formats, even processing the first
block of MAX_KEYS_PER_CRYPT candidate passwords can easily take several
minutes.

Also, what kind of wrapper parameters do you think you'll need?


Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.