Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20120509093626.GA12957@debian>
Date: Wed, 9 May 2012 13:36:26 +0400
From: Aleksey Cherepanov <aleksey.4erepanov@...il.com>
To: john-users@...ts.openwall.com
Subject: Aleksey's status report #2

I am sorry for a delay with this status report. In general I am far from my
schedule at this time. I will fix it as soon as possible.


Done

> > - Draft implementation of client side
> > 
> > To start development I need some more knowledge about possible architectures
> > for proposed system. So I will learn more about tools like git and rsync and
> > try to imagine full layout of things and to implement client side part
> > (wrapper around john).

I started draft implementation and already have empty wrapper. Further work is
needed.

> - Collaboration tools research

I started reading on the topic and found that I missed some interesting
points. For example important part of collaboration is a communication: during
the contest we used mailing list and irc, I saw the system for that as a web
ui with comments boards for each attack and global chat for talks not
dedicated for particular attack, but reading make me think about video or
audio conferencing. It seems strange for the contest environment but it could
natural in a corporate environment of pentesting company. And of course
different users would prefer different technologies so maybe it is more
important to provide ability to integrate with communication software rather
than to pull some in (also web ui is not a great thing for some users even if
them use only chat).


To do

> - Fix markup on the wiki page

> > - Keep and raise discussions

> > - Synchronization mechanisms research 
> > - Draft implementation of client side

> - Collaboration tools research
> - Draft implementation of server side

- Research possible statistics and their importance

It is about things like time since the last cracked password: for incremental
mode it could used to consider to stop that attack, but maybe average time per
password for last N passwords would be better, would not it?


Regards,
Aleksey Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.