Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CABtNtWF6Bz4TKryN9hPnFW+G-AjOazWRZt=P+on0aO6Uf7ocaw@mail.gmail.com>
Date: Sat, 15 Aug 2015 21:32:52 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: --test-full=0 crashes the Bitcoin format

Hi Alexander,

On Sat, Aug 15, 2015 at 9:16 PM, Solar Designer <solar@...nwall.com> wrote:
> Kai,
>
> On Sat, Aug 15, 2015 at 04:39:04PM +0800, Kai Zhao wrote:
>> There maybe at least 1 crash when you run 100 times. As to asan, I think
>> it does not help. I have not see any asan error.
>
> OK.  The lack of ASan errors can help narrow down the search, too - when
> you review the code, you won't need to spend time on potential issues
> that would be expected to be detected by ASan.
>
> For example, the memory overwrite might be inside calls into libcrypto
> functions.  Since you're only compiling JtR itself with ASan, those
> would go undetected.  And yes, compiling OpenSSL with ASan as well
> might be a way to figure this out.  Or just careful review of the code
> will do, probably quicker.
>
>> It can be reproduced separately almost 1~2 crash with 200 times. I create
>> an issue:
>>
>> https://github.com/magnumripper/JohnTheRipper/issues/1667
>
> In there, you wrote:
>
> "If your bitcoin.max is not 64, I think you can not reproduce this bug.
> Maybe you can reproduce it on super."
>
> What's "bitcoin.max"?  I can't find it:
>
> [solar@...er src]$ fgrep -ri bitcoin.max .
> [solar@...er src]$
>
> Do you possibly mean this format's max_keys_per_crypt?

Yes. My mistake. Updated.

> If so, of course
> you can make it 64 on your laptop as well: set OMP_NUM_THREADS=32 before
> running john.  Like this:
>
> OMP_NUM_THREADS=32 ./john pwfile --format=bitcoin --wordlist=pwd.lst --skip-self-test
>

Yes, after set OMP_NUM_THREADS=32, the max_keys_per_crypt is 64. But I
have not reproduced on my laptop after running about 200 times.

>
> Kai, you're currently running two instances of john on super:
>
> kai      28475 1159  0.0 2413324 7392 ?        Sl   05:50 7207:40 ./john --test-full=0 --format=bitcoin
> kai      31899  825  0.0 2413324 7360 ?        Sl   06:29 4806:53 ./john --test-full=0 --format=bitcoin
>
> bringing load average to 37.00.  What are these trying to achieve?
> Suppose one of them or both would crash, would this help in any way?
>

Sorry, the two process maybe are zombie process. I did not notice that
and I just killed them.


Thanks,

Kai

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.