Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 23 Aug 2011 22:32:40 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: check for filter() is added, patch and questions about it

Aleksey,

Thank you for your work on this!

On Tue, Aug 23, 2011 at 12:26:44PM +0400, Aleksey Cherepanov wrote:
> I fixed it and prepared 2 patches: for John and for Jumbo. Both are
> tested. I made that patch for Jumbo does not need patch for John, it
> includes all changes needed. Is it right? Or should I make patch for
> John and then patch with small Jumbo specific change to use both
> patches with Jumbo and only first with John?

You did everything right.  You also got me thinking of a possibly better
way to approach the problem.  I liked the way you made the check early
on, much sooner than external.c's check for generate().  When we make
the check this early, there's no need to log_event() the error - we're
not logging yet.  Also, the check for batch mode was not required (it
was a can't happen condition), although arguably it was cleaner/safer to
have it anyway.

Well, I ended up making more invasive changes, see below.  I've only
tested these against 1.7.8 proper so far, but I think they should work
for -jumbo as well - probably as-is.  Please test and let me know.

Index: external.c
===================================================================
RCS file: /home/cvs/cvsroot/Owl/packages/john/john/src/external.c,v
retrieving revision 1.6
diff -u -r1.6 external.c
--- external.c	27 Feb 2006 03:58:02 -0000	1.6
+++ external.c	23 Aug 2011 18:19:51 -0000
@@ -1,6 +1,6 @@
 /*
  * This file is part of John the Ripper password cracker,
- * Copyright (c) 1996-2001,2003,2004,2006 by Solar Designer
+ * Copyright (c) 1996-2001,2003,2004,2006,2011 by Solar Designer
  */
 
 #include <stdio.h>
@@ -16,10 +16,12 @@
 #include "recovery.h"
 #include "config.h"
 #include "cracker.h"
+#include "external.h"
 
 static char int_word[PLAINTEXT_BUFFER_SIZE];
 static char rec_word[PLAINTEXT_BUFFER_SIZE];
 
+unsigned int ext_flags = 0;
 char *ext_mode = NULL;
 
 static c_int ext_word[PLAINTEXT_BUFFER_SIZE];
@@ -78,6 +80,19 @@
 	f_generate = c_lookup("generate");
 	f_filter = c_lookup("filter");
 
+	if ((ext_flags & EXT_REQ_GENERATE) && !f_generate) {
+		fprintf(stderr, "No generate() for external mode: %s\n", mode);
+		error();
+	}
+	if ((ext_flags & EXT_REQ_FILTER) && !f_filter) {
+		fprintf(stderr, "No filter() for external mode: %s\n", mode);
+		error();
+	}
+	if ((ext_flags & (EXT_USES_GENERATE | EXT_USES_FILTER)) ==
+	    EXT_USES_FILTER && f_generate)
+		fprintf(stderr, "Warning: external mode defines generate(), "
+		    "but is only used for filter()\n");
+
 	ext_mode = mode;
 }
 
@@ -147,13 +162,6 @@
 
 	log_event("Proceeding with external mode: %.100s", ext_mode);
 
-	if (!f_generate) {
-		log_event("! No generate() function defined");
-		fprintf(stderr, "No generate() for external mode: %s\n",
-			ext_mode);
-		error();
-	}
-
 	internal = (unsigned char *)int_word;
 	external = ext_word;
 	while (*external)
Index: external.h
===================================================================
RCS file: /home/cvs/cvsroot/Owl/packages/john/john/src/external.h,v
retrieving revision 1.1
diff -u -r1.1 external.h
--- external.h	10 Apr 2002 14:13:25 -0000	1.1
+++ external.h	23 Aug 2011 18:19:51 -0000
@@ -1,6 +1,6 @@
 /*
  * This file is part of John the Ripper password cracker,
- * Copyright (c) 1996-2001 by Solar Designer
+ * Copyright (c) 1996-2001,2011 by Solar Designer
  */
 
 /*
@@ -12,6 +12,13 @@
 
 #include "loader.h"
 
+#define EXT_REQ_GENERATE		0x00000001
+#define EXT_REQ_FILTER			0x00000002
+#define EXT_USES_GENERATE		0x00010000
+#define EXT_USES_FILTER			0x00020000
+
+extern unsigned int ext_flags;
+
 /*
  * Defined for use in the ext_filter() macro, below.
  */
Index: options.c
===================================================================
RCS file: /home/cvs/cvsroot/Owl/packages/john/john/src/options.c,v
retrieving revision 1.22
diff -u -r1.22 options.c
--- options.c	22 Jun 2011 13:03:43 -0000	1.22
+++ options.c	23 Aug 2011 18:19:51 -0000
@@ -18,6 +18,7 @@
 #include "recovery.h"
 #include "options.h"
 #include "bench.h"
+#include "external.h"
 
 struct options_main options;
 
@@ -123,10 +124,16 @@
 
 	opt_process(opt_list, &options.flags, argv);
 
-	if ((options.flags &
-	    (FLG_EXTERNAL_CHK | FLG_CRACKING_CHK | FLG_MAKECHR_CHK)) ==
-	    FLG_EXTERNAL_CHK)
-		options.flags |= FLG_CRACKING_SET;
+	ext_flags = 0;
+	if (options.flags & FLG_EXTERNAL_CHK) {
+		if (options.flags & (FLG_CRACKING_CHK | FLG_MAKECHR_CHK)) {
+			ext_flags = EXT_REQ_FILTER | EXT_USES_FILTER;
+		} else {
+			options.flags |= FLG_CRACKING_SET;
+			ext_flags = EXT_REQ_GENERATE |
+			    EXT_USES_GENERATE | EXT_USES_FILTER;
+		}
+	}
 
 	if (!(options.flags & FLG_ACTION))
 		options.flags |= FLG_BATCH_SET;

Thanks again,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.