Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 21 Jul 2012 17:57:12 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: WPA-PSK valid()

Lukas - oh, I see that you added validation of the base-64 encoding and
total length in valid(), but there's still no validation of eapol_size.
This must be added.  Since I am tired of "tracking" this little issue,
can you please take care of this (and re-test) within 3 days?  Thanks!

On Mon, Jul 09, 2012 at 10:57:51AM +0400, Solar Designer wrote:
> Lukas - can you implement the valid() enhancements proposed below, then
> re-test, please?  Thanks.
> 
> On Fri, Jun 29, 2012 at 12:24:47AM +0400, Solar Designer wrote:
> > Lukas -
> > 
> > On Fri, Jun 29, 2012 at 12:12:08AM +0400, Solar Designer wrote:
> > > The attached patch makes the WPA-PSK format (CPU) work on big-endian
> > 
> > BTW, perhaps eapol_size and keyver should be validated in valid() and in
> > hccap2john.c.
> > 
> > Do these come from an external tool?  Or even directly from network
> > traffic?  In the latter case, we might even have a remote arbitrary code
> > execution vulnerability here. %-)
> > 
> > Also, is it specified (where?) that these are in little-endian form, or
> > does this vary between builds of whatever tool creates the file?
> > 
> > Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ