Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CABtNtWEb0DV2vkRZ9hzptXBsa+hXQr7RxDNNDnCe3GVRNQf0dQ@mail.gmail.com>
Date: Sat, 25 Apr 2015 11:03:01 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Advice on proposal: John the Ripper jumbo robustness

> Please try to also undo other optimizations. E.g. enable dymanics, use
full
> config file, etc. If it's done only once it should not visibly affect
fuzzing
> speed.

> BTW, as a separate experiment, please try fuzzing with and without
> --nolog and --skip-self-test. I've seen faster fuzzing without these
options
> in some tests.

I did 5 experiments on each case. The exec speed is sampled when the run
time between 1 minute to 2 minute. Below are the datas.

1. Disable dynamics and do not use full config
-------------------------------------------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog
--skip-self-test --format=7z --config=local.conf

-----------------------------------------------------
              | id | exec timing | exec speed  |
-----------------------------------------------------
              | 1  |  476us        | 2200~2230  |
-----------------------------------------------------
              | 2  |  465us        | 2185~2210  |
-----------------------------------------------------
              | 3  |  481us        | 2178~2200  |
-----------------------------------------------------
              | 4  |  494us        | 2169~2190  |
-----------------------------------------------------
              | 5  |  479us        | 2168~2190  |
-----------------------------------------------------
average |     | 479us         | 2168~2230  |
-----------------------------------------------------

2. Enable dynamics
--------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog
--skip-self-test --format=7z --config=local.conf

-----------------------------------------------------
              | id | exec timing | exec speed  |
-----------------------------------------------------
              | 1  |  496us        | 2139~2160  |
-----------------------------------------------------
              | 2  |  499us        | 2133~2160  |
-----------------------------------------------------
              | 3  |  502us        | 2150~2162  |
-----------------------------------------------------
              | 4  |  480us        | 2091~2103  |
-----------------------------------------------------
              | 5  |  511us        | 2078~2113  |
-----------------------------------------------------
average |     |  497us        | 2078~2162  |
-----------------------------------------------------

The speed is about 100/sec smaller. Because we enable dynamic, then
there are more formats, and we try to valid the hash with each format, so
it is a little smaller.

3. Full config file
----------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog
--skip-self-test --format=7z

-----------------------------------------------------
              | id | exec timing | exec speed  |
-----------------------------------------------------
              | 1  |  536us        | 2004~2017  |
-----------------------------------------------------
              | 2  |  527us        | 1950~1993  |
-----------------------------------------------------
              | 3  |  512us        | 1896~2000  |
-----------------------------------------------------
              | 4  |  534us        | 1969~1982  |
-----------------------------------------------------
              | 5  |  507us        | 2000~2020  |
-----------------------------------------------------
average |     | 523us         | 1896~2020  |
-----------------------------------------------------

The speed is about 200 smaller. Even though we read and parse config file
once, but there are also some calls, such as in the function:
ldr_load_pw_file() calls cfg_get_bool(), and the cfg_get_bool() will
traverse
all the sections of config which is slow when the config file is large.

4. Without --nolog
------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --skip-self-test
--format=7z --config=local.conf

-----------------------------------------------------
              | id | exec timing | exec speed  |
-----------------------------------------------------
              | 1  |  484us        | 2186~2197  |
-----------------------------------------------------
              | 2  |  486us        | 2136~2151  |
-----------------------------------------------------
              | 3  |  481us        | 2146~2167  |
-----------------------------------------------------
              | 4  |  455us        | 2176~2185  |
-----------------------------------------------------
              | 5  |  469us        | 2163~2173  |
-----------------------------------------------------
average |     | 475us         | 2136~2197  |
-----------------------------------------------------

Without --nolog and with --nolog seems no difference on the speed, but
I am afraid that the john.log will become very large after a long time, and
I think the speed will slow then.

5. Without --skip-self-test
----------------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog --format=7z
--config=local.conf

-----------------------------------------------------
              | id | exec timing | exec speed  |
-----------------------------------------------------
              | 1  |  499us        | 2135~2151  |
-----------------------------------------------------
              | 2  |  462us        | 2159~2172  |
-----------------------------------------------------
              | 3  |  466us        | 2166~2183  |
-----------------------------------------------------
              | 4  |  469us        | 2146~2152  |
-----------------------------------------------------
              | 5  |  495us        | 2178~2191  |
-----------------------------------------------------
average |     | 478us         | 2135~2191  |
-----------------------------------------------------

Without --skip-self-test and with --skip-self-test seems no difference on
the
speed. Since we return after john_init(), it will not call fmt_self_test().
In this
case, this parameter is useless.


Thanks,

Kai

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.