Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 26 Sep 2011 16:29:10 -0500
From: jmk <jmk@...fus.net>
To: john-dev@...ts.openwall.com
Subject: MSCHAPv2 Bug

Hi,

My MSCHAPv2 format appears to ignore entries in which the username is a
number (e.g., 1111). I'm not really sure why this is the case, but the
attached patch seems to correct the issue.

Thanks,
Joe



diff -rub john-1.7.8/src/MSCHAPv2_fmt_plug.c john-1.7.8-jmk/src/MSCHAPv2_fmt_plug.c
--- john-1.7.8/src/MSCHAPv2_fmt_plug.c	2011-09-26 16:13:11.432105174 -0500
+++ john-1.7.8-jmk/src/MSCHAPv2_fmt_plug.c	2011-09-26 16:13:59.312105174 -0500
@@ -145,7 +145,7 @@
   /* Validate Username Length */
   pos2++; pos = pos2;
   for (; atoi16[ARCH_INDEX(*pos2)] != 0x7F; pos2++);
-  if ( !(*pos2 && (pos2 - pos <= USERNAME_LENGTH)) )
+  if (pos2 - pos > USERNAME_LENGTH)
     return 0;
 
   return 1;

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ