This shows you the differences between two versions of the page.
john:johnny-roadmap [2015/05/29 12:03] shinnok [Sprint 1.5] |
john:johnny-roadmap [2016/04/05 15:30] (current) shinnok |
||
---|---|---|---|
Line 12: | Line 12: | ||
* Johnny should be viewed as a learning avenue into password security. It displays info in a more intuitive fashion(unlike the CLI option), makes using the powerful JtR a breeze. | * Johnny should be viewed as a learning avenue into password security. It displays info in a more intuitive fashion(unlike the CLI option), makes using the powerful JtR a breeze. | ||
* Nonetheless, the tool shouldn't be dumbed down to cater only to beginners, we need to expose as much functionality as we can carefully so that it is useful for professionals too. | * Nonetheless, the tool shouldn't be dumbed down to cater only to beginners, we need to expose as much functionality as we can carefully so that it is useful for professionals too. | ||
- | * Follow the coding style outlined at http://doc.qt.digia.com/qtcreator-extending/coding-style.html and the simplified ones at http://wiki.qt.io/Qt_Coding_Style and http://wiki.qt.io/Coding_Conventions. | ||
+ | Notes: | ||
+ | * Development, issue tracking and code integration is taking place at Github: https://github.com/shinnok/johnny | ||
+ | * Only planned and considerable tasks are listed in this document. Everything else is over on Github | ||
+ | * Discussion, community feedback and announcements are happening over at john-dev and john-users lists http://www.openwall.com/lists/ | ||
+ | * Follow the coding style outlined at http://doc.qt.digia.com/qtcreator-extending/coding-style.html and the simplified ones at http://wiki.qt.io/Qt_Coding_Style and http://wiki.qt.io/Coding_Conventions. Exception: Opening curly braces should go on a new line. | ||
====== Milestones ====== | ====== Milestones ====== | ||
==== Sprint 1.2 ==== | ==== Sprint 1.2 ==== | ||
- <del>Upgrade to Qt 5 (keep Qt 4 compat. for now) [Shinnok]</del> | - <del>Upgrade to Qt 5 (keep Qt 4 compat. for now) [Shinnok]</del> | ||
- | - Add and use elided text QLabel where needed ( and possibly QPushButton ) [Shinnok] | + | - <del>Add and use elided text QLabel where needed ( and possibly QPushButton ) [Shinnok]</del> |
+ | - <del>Code refactoring and enforcing of style and conventions [Shinnok]</del> | ||
- <del>Fix any outstanding bugs or crashes [Shinnok]</del> | - <del>Fix any outstanding bugs or crashes [Shinnok]</del> | ||
* <del>Johnny consumes cpu even when it isn't doing anything. (10-15% of one core, OS X, app just launched and thus no operation was started)</del> | * <del>Johnny consumes cpu even when it isn't doing anything. (10-15% of one core, OS X, app just launched and thus no operation was started)</del> | ||
Line 25: | Line 30: | ||
* <del>Johnny asks for confirmation to kill JtR twice if a session is running on quit</del> | * <del>Johnny asks for confirmation to kill JtR twice if a session is running on quit</del> | ||
==== Sprint 1.3 ==== | ==== Sprint 1.3 ==== | ||
- | - UI overhaul [Shinnok] (better sidebar navigation, proper layout constraints so that UI elements look nice, e.g. the button's in the Settings page are a mile long, update UI to modern desktops(current is reminiscent of the KDE 3 era), etc..) | + | - <del>UI overhaul #1 (better sidebar navigation, proper layout constraints so that UI elements look nice, e.g. the button's in the Settings page are a mile long, update UI to modern desktops(current is reminiscent of the KDE 3 era), etc..) [Shinnok]</del> |
- | - Rethink the progress bar [Shinnok] | + | - <del>Make due with the various usability issues #1 [Shinnok]</del> |
- | - Make due with the various usability issues [Shinnok] | + | - <del>Support for OS X and dmg distribution package [Mathieu]</del> |
+ | - <del>Support for Windows and setup installer via Qt Installer Framework [Mathieu]</del> | ||
==== Sprint 1.4 ==== | ==== Sprint 1.4 ==== | ||
- <del>Make sure all strings are translatable and add language switching support [Mathieu]</del> | - <del>Make sure all strings are translatable and add language switching support [Mathieu]</del> | ||
Line 37: | Line 42: | ||
==== Sprint 1.5 ==== | ==== Sprint 1.5 ==== | ||
- | - Manual plain-text guessing for individual ciphers (directly in the table view) [Mathieu] | + | - <del>Manual plain-text guessing via I'm feeling lucky button [Mathieu]</del> |
- | - Hash type suggestion/guessing for individual hashes (which is the best way? do we have any support from JtR jumbo with that) [Mathieu] | + | - <del>Jumbo features #1: Hash type suggestion/guessing for individual hashes in the Passwords tab [Mathieu+Aleksey]</del> |
- | - Separate the CLI wrapper and compute handlers from the UI code and use proper threading. Any delays in processing or JtR crashes shouldn't affect or be mirrored by Johnny. [Shinnok+Mathieu] | + | - <del>Separate the CLI wrapper and compute handlers from the UI code and use proper threading. Any delays in processing or JtR crashes shouldn't affect or be mirrored by Johnny. [Shinnok+Mathieu]</del> |
+ | - <del>Multiple cracking session management(session history and proper session preferences storage) [Mathieu]</del> | ||
- | ==== Sprint 1.6 ==== | + | All of the previous development sprints have been merged into a single release, namely 2.0. What follows are the sprints from 2.0 onwards. Some tasks are still work in progress (see sprint 1.3 for e.g.) and have been dragged along to the next phase. |
- | - Multiple pwd files session management(multiple cracking sessions management) | + | |
- | - Ability to select/deselect individual hashes from being handled in a cracking session(maybe via a simple checkbox to each row?) | + | |
- | - Search/Filter inside the Passwords tab table view | + | |
- | ==== Sprint 1.7 ==== | + | ==== Sprint 2.1 ==== |
- | - Export to CSV and columnated txt. | + | - <del>Ability to select/deselect individual hashes from being handled in a cracking session(maybe via a simple checkbox to each row?) [Mathieu]</del> |
- | - Dictionary editing and generation based on interactive rule sets? | + | - <del>Search/Filter inside the Passwords tab table view [Mathieu]</del> |
- | - Figure out how to implement *2john conversion support and implement it | + | - <del>Settings refactoring (#9, #13) [Mathieu]</del> |
+ | - <del>UI overhaul #2 (better sidebar navigation, proper layout constraints so that UI elements look nice, e.g. the button's in the Settings page are a mile long, update UI to modern desktops(current is reminiscent of the KDE 3 era), etc..) [Shinnok + Mathieu]</del> | ||
+ | - <del>Make due with the various usability issues #2 [Shinnok]</del> | ||
+ | - <del>Handle all Github issues assigned to 2.1 milestone [Mathieu + Shinnok]</del> | ||
+ | ==== Sprint 2.2 ==== | ||
+ | - <del>Export to CSV and colon separated password format</del> | ||
+ | - <del>Implement *2john conversion support via the Open file menu</del> | ||
+ | - <del>Jumbo features #2 (support for jumbo attack modes)</del> | ||
+ | - <del>Handle all Github issues assigned to 2.2 milestone [Mathieu + Shinnok</del>] | ||
- | ==== Sprint 1.8 ==== | + | ==== Sprint 2.3 ==== |
- | - Jumbo support (this task needs an evaluation and a further breakdown) | + | - Cleanup code base using clang-format [Shinnok] |
- | + | - Jumbo features #3 | |
- | ==== Sprint 1.9 ==== | + | - Console log improvements (see github issues) |
+ | - Figure out the John standard out/in buffering issues and how to make Johnny interact with John without waiting for process finish | ||
+ | - Dictionary editing and generation based on interactive rule sets (?) | ||
+ | - Handle all Github issues assigned to 2.3 milestone [Mathieu + Shinnok] | ||
+ | ==== Sprint 2.4 ==== | ||
+ | - Jumbo features #4: Further jumbo integration | ||
- Add tooltips to all UI actions that are not very self explanatory to a new comer | - Add tooltips to all UI actions that are not very self explanatory to a new comer | ||
- | - Maybe change the icon pack [TBD Shinnok] | + | - Maybe change the icon pack [Shinnok] |
- | - Support for OS X and distribution package(?DMG package, should include JtR?) | + | |
- | - Does Windows build? | + | |
- | - Figure out distribution channels and platforms installers. See category Brainstorming bellow. | + | |
- | ==== Sprint 2.0 ==== | + | ==== Sprint 2.5 ==== |
- | - Fix any outstanding bugs left or introduced lately. | + | - Further jumbo integration |
- | - Polish up the UI and resolve edge cases. | + | - Post-cracking statistics regarding the frequency of passwords, characters, lengths. Pre-cracking stats like freq. of hash types, NULL hashes, etc.. Provided in the statistics pane |
- | - Proper installers, if any. See category Brainstorming bellow. | + | - Fix any outstanding bugs left or introduced lately |
- | + | - Polish up the UI and resolve edge cases | |
- | ==== Sprint 2.1 ==== | + | - Time to reconsider the platform installers and distribution channels. Any new considerations since the 2.0 decisions? |
- | - Post-cracking statistics regarding the frequency of passwords, characters and lengths, would be nice. Provided in a new statistics pane. | + | ==== Sprint 2.6 ==== |
- Further jumbo integration | - Further jumbo integration | ||
- To the future and beyond | - To the future and beyond | ||
Line 74: | Line 87: | ||
====== Brainstorming ====== | ====== Brainstorming ====== | ||
- | + | * Rethink the progress bar, can we replace it with something else? If not, what info is most valuable to be displayed inside it. | |
- | * Do we want to officially support and maintain any platform installers(Windows, OS X, Debian, Ubuntu)? Is that too much trouble for us or should we just rely on 3rd party distrib. maintainers or others to do that? That is only provide build from source INSTALL instructions. | + | * Is there any value in being able to run multiple instances of Johnny on the same machine? Probably not if we implement sessions... |
- | * Is there any value in doing so even if we don't bundle JtR itself into the platform bundle too? Is this sound to do at all for Linux distros(regarding the bundling), or too much trouble? | + | * Which jumbo features are the most important to implement? |
- | * Is there any value in being able to run multiple instances of Johnny on the same machine? Probably not if we implement sessions.. | + | |
* How can we support distributed JtR cracking in the future? | * How can we support distributed JtR cracking in the future? |