Date: Sat, 15 Sep 2012 03:13:42 +0400
From: Solar Designer <>
Subject: "single crack" missing candidates (was: Office2john)

magnum -

On Fri, Sep 14, 2012 at 11:22:53PM +0200, magnum wrote:
> Is there any chance a very loaded GECOS field can "overwrite" the login field or otherwise screw Single mode from getting a candidate from that field?

Normally, no.

> I tried to spot any limitation on GECOS stuff other than LINE_BUFFER_SIZE but did not find any.

There are also LDR_WORDS_MAX and SINGLE_WORDS_PAIR_MAX, but they should
not cause the behavior you're describing.

Does your copy of single.c include these lines? -

/*
 * We use "short" for buffered key indices and "unsigned short" for buffered
 * key offsets - make sure these don't overflow.
 */
	if (key_count > 0x8000)
		key_count = 0x8000;
	while (key_count > 0xffff / length + 1)
		key_count >>= 1;

Is "offset" in "struct db_keys_hash_entry" actually "unsigned short"
(rather than simply "short")?

There were fairly recent fixes in this area.  Without them, GPU formats
with large min_keys_per_crypt settings could result in "single crack"
missing candidate passwords.
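
Added example, not part of the original message and not John the Ripper source: the clamp quoted above wrapped in a function, plus a count of how many buffered key offsets fit a 16-bit signed versus unsigned field. The names clamp_key_count, last_offset and unrepresentable, the layout "key i sits at byte offset i * length", and the sample sizes are assumptions made for illustration.

```c
#include <stdio.h>

/* Limits of 16-bit fields, written out so the result is platform independent. */
#define SHORT_LIMIT  0x7fffL	/* largest value of a 16-bit "short" */
#define USHORT_LIMIT 0xffffL	/* largest value of a 16-bit "unsigned short" */

/* The two statements quoted from single.c, as a function (length must be > 0). */
static int clamp_key_count(int key_count, int length)
{
	if (key_count > 0x8000)
		key_count = 0x8000;
	while (key_count > 0xffff / length + 1)
		key_count >>= 1;
	return key_count;
}

/* Assumed layout: key number i starts at byte offset i * length. */
static long last_offset(int key_count, int length)
{
	return (long)(key_count - 1) * length;
}

/* Number of keys whose offset exceeds what the offset field can hold. */
static int unrepresentable(int key_count, int length, long field_max)
{
	int i, lost = 0;

	for (i = 0; i < key_count; i++)
		if ((long)i * length > field_max)
			lost++;
	return lost;
}

int main(void)
{
	/* Constructed sample: a GPU-sized key count and 32 bytes per key. */
	int requested = 4096, length = 32;
	int clamped = clamp_key_count(requested, length);

	printf("clamped key_count: %d, last offset: %ld\n",
	    clamped, last_offset(clamped, length));
	printf("unclamped, unsigned short offsets lost: %d\n",
	    unrepresentable(requested, length, USHORT_LIMIT));
	printf("clamped, signed short offsets lost: %d\n",
	    unrepresentable(clamped, length, SHORT_LIMIT));
	printf("clamped, unsigned short offsets lost: %d\n",
	    unrepresentable(clamped, length, USHORT_LIMIT));
	return 0;
}
```

Under these assumptions the clamp is sufficient only when the offset field is unsigned; with a signed 16-bit field, half of the clamped buffer is still out of range.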

