Message-ID: <553049C0.4060100@openwall.com>
Date: Fri, 17 Apr 2015 02:46:08 +0300
From: Alexander Cherepanov <ch3root@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Advice on proposal: John the Ripper jumbo robustness

On 2015-03-27 03:50, Kai Zhao wrote:
>> I think it's better explain what do you think about and why custom fuzzer
>> will be better
>
> I explained at my proposal, and I think it would be better to explain it
> here too.

Sorry I've not replied earlier.

> Why we need custom fuzzer?
> ----------------------------------------
> Because AFL can not fuzz command-line options and environment variables.
> Currently we fuzz single input data, and I think we can fuzz more than one
> kind of input data at the same time (e.g., fuzz hashes and command-line at
> the same time)

I think this can be dealt with relatively easy, without creating
something complex and definitely without creating a separate fuzzer.

The nice thing about afl is that it's very advanced due to being
feedback-driven. It would be a pity to throw this away.

If afl cannot readily fuzz some kind of input data it's usually not that
difficult to make the tested program compatible with afl by modifying it
to read its input data from a file. Another possibility is to modify afl
to supply input via, e.g., an environment variable.

A custom fuzzer could be useful when it's easy to write one and there
are many issues with the code. After most easy issues are found, I think
it's better to switch to afl than to try to implement something advanced.

> Why implement custom fuzzer in the first timeline?
> -------------------------------------------------------------------
> Since fuzzing takes a lot of time, so I think I should implement custom
> fuzzer first. Thus, we will have enough time to fuzz and improve the custom
> fuzzer

Your initial proposal implied creation of detailed description of each
kind of hashes. This is problematic -- it requires a lot of hand work.
Describing a hash for fuzzing is not much easier than writing a valid()
for it. If you are spending time diving into the details of the hash
structure then you can just write valid() for it as well.

-- 
Alexander Cherepanov
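
The approach suggested in the message above, making the tested program read its input from a file so that afl can drive command-line options and environment variables, as an added example that is not part of the original message and is not John the Ripper or afl code. The file layout (NUL-separated arguments, one empty field, then `NAME=VALUE` entries), the limits, and the names `split_fuzz_input` and `struct fuzz_input` are assumptions made for illustration.

```c
/* Hypothetical harness helper: turns one afl-mutated file into argv + env. */
#include <stdio.h>
#include <string.h>
#define MAX_ARGS 32
#define MAX_ENVS 8

struct fuzz_input {
    int argc, envc;
    char *argv[MAX_ARGS + 1];  /* NULL-terminated, like a real argv */
    char *envs[MAX_ENVS];      /* "NAME=VALUE" strings */
};

/* Split buf into arguments, then (after one empty field) environment entries.
 * Fields are NUL-separated; buf needs room for len + 1 bytes. */
int split_fuzz_input(char *buf, size_t len, struct fuzz_input *out)
{
    static char prog[] = "john";      /* argv[0] is fixed, never fuzzed */
    size_t pos = 0;
    int in_env = 0;

    memset(out, 0, sizeof(*out));     /* also leaves argv NULL-terminated */
    if (len == 0) return -1;
    buf[len] = '\0';                  /* last field may lack a terminator */
    out->argv[out->argc++] = prog;
    while (pos < len) {
        char *field = buf + pos;
        pos += strlen(field) + 1;
        if (!in_env && *field == '\0')
            in_env = 1;               /* empty field: switch to env section */
        else if (!in_env && out->argc < MAX_ARGS)
            out->argv[out->argc++] = field;
        else if (in_env && out->envc < MAX_ENVS &&
                 *field != '=' && strchr(field, '='))
            out->envs[out->envc++] = field;   /* malformed entries are dropped */
    }
    return 0;
}

int main(int argc, char **argv)
{
    static char buf[4096 + 1];
    struct fuzz_input in;
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    size_t len = f ? fread(buf, 1, sizeof(buf) - 1, f) : 0;

    if (f) fclose(f);
    if (split_fuzz_input(buf, len, &in) != 0) return 1;
    /* A real harness would export in.envs and hand in.argv to option parsing. */
    for (int i = 0; i < in.envc; i++) printf("env: %s\n", in.envs[i]);
    for (int i = 0; i < in.argc; i++) printf("argv[%d]=%s\n", i, in.argv[i]);
    return 0;
}
```

Because the whole input still arrives as one file, afl's coverage feedback applies to options and environment entries the same way it does to hash data.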