Wow check this out…………..Warning for all….

Home Forums General Banter Wow check this out…………..Warning for all….

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
  • #65792

    Ok I grabbed this a while back and thought I would run it to see some differences in testing hardware. Well what I have found is not so nice……….So do we blindly except things from people because we trust them and then redistribute them because of who we are?

    Beware Linux Q Public………. Malware abounds in source. I think the package speaks volumes.

    Malware@#gfw78v6cysqv /home/*****/.phoronix-test-suite/installed-tests/pts/john-the-ripper-1.4.1/john-1.7.9-jumbo-7.tar.gz| /home/*****/.phoronix-test-suite/installed-tests/pts/john-the-ripper-1|john-1.7.9-jumbo-7/src/

    I understand why this is in there, but there should have been a warning with the package. This is a password ripper, so why is it in a testing suite for graphics and why on install is it creating it’s own links to keepass2john and keychain2john. What is it databasing for?

    The more I look the more I don’t like……

    This is in the install:

    rm -f ../run/unshadow
    ln -s john ../run/unshadow
    rm -f ../run/unafs
    ln -s john ../run/unafs
    rm -f ../run/unique
    ln -s john ../run/unique
    rm -f ../run/undrop
    ln -s john ../run/undrop
    rm -f ../run/ssh2john
    ln -s john ../run/ssh2john
    rm -f ../run/pdf2john
    ln -s john ../run/pdf2john
    rm -f ../run/rar2john
    ln -s john ../run/rar2john
    rm -f ../run/zip2john
    ln -s john ../run/zip2john

    I understand this is during the build but what does this need with ssh2, keepass2, and keychain2? I think this collecting information.


    I think they call it free databasing…#drugreference


    John is a bruteforce password cracking tool and measuring the time required to crack a given password can be a metric in a benchmark (PTS is not a graphics benchmarking suite, it tests everything).
    The stuff in the install script is nothing to worry about, about would be very disturbing is if the PTS would start peaking at /etc/shadow (but it won’t since you do not run it as root) or maybe even worse you keepass files (which it theoretically could, but is very unlikely since the code is open).

    My guess is that the John benchmark provides a fake password file with kinda weak passwords and is used as a reference for brute forcing passwords.

    It’s very likely that the other utilities (unshadow, ssh2john) are not even used but are part of the John base install (it’s quite common for a program to link itself with different names in order to set different options at runtime based on the filename)


    Oizzadude I understand what he says, but on that note if it doesn’t use keepass, keychain, or ssh2 then why are they in the source. I know what bruteforce password crackers are and every one I have ever used don’t use them. They use a dictionary or a list of preset passwords along with scripts to compile a password or crack a hash. I will just have to run it and see what it does in the process as in where it goes. This would be one way to compile one hell of a database on passwords.

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.