Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 11 Apr 2013 11:15:33 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: testing all valid()s

Other formats that lack proper valid() implementations:

FGT_fmt_plug.c:73:static int FGT_valid(char *ciphertext, struct fmt_main
*self)
FGT_fmt_plug.c-74-{
FGT_fmt_plug.c-75-      if (strncmp(ciphertext, "AK1", 3))
FGT_fmt_plug.c-76-              return 0;
FGT_fmt_plug.c-77-      if (strlen(ciphertext) != HASH_LENGTH)
FGT_fmt_plug.c-78-              return 0;
FGT_fmt_plug.c-79-
FGT_fmt_plug.c-80-      return 1;
FGT_fmt_plug.c-81-}

A valid hash looks like this:
AK1wTiFOMv7mZOTvQNmKQBAY98hZZjSRLxAY8vZp8NlDWU=


SybaseASE_fmt_plug.c:94:static int valid(char *ciphertext, struct
fmt_main *self)
SybaseASE_fmt_plug.c-95-{
SybaseASE_fmt_plug.c-96-    if(strncmp(ciphertext, "0xc007", 6)!=0)
SybaseASE_fmt_plug.c-97-        return 0;
SybaseASE_fmt_plug.c-98-    if(strlen(ciphertext) != CIPHERTEXT_LENGTH)
SybaseASE_fmt_plug.c-99-        return 0;
SybaseASE_fmt_plug.c-100-
SybaseASE_fmt_plug.c-101-    return 1;
SybaseASE_fmt_plug.c-102-}

Needs a check that everything after the "0xc007" prefix is just [0-9a-f].

mssql12_fmt_plug.c:86:static int valid(char *ciphertext, struct fmt_main
*self)
mssql12_fmt_plug.c-87-{
mssql12_fmt_plug.c-88-  if(strncmp(ciphertext, "0x0200", 6))
mssql12_fmt_plug.c-89-          return 0;
mssql12_fmt_plug.c-90-  return 1;
mssql12_fmt_plug.c-91-}

Everything following the "0x0200" prefix has to be [0-9A-F].

nsldap_fmt_plug.c:91:static int valid(char *ciphertext, struct fmt_main
*self)
nsldap_fmt_plug.c-92-{
nsldap_fmt_plug.c-93-   if (ciphertext && strlen(ciphertext) ==
CIPHERTEXT_LENGTH)
nsldap_fmt_plug.c-94-           return !strncasecmp(ciphertext,
NSLDAP_MAGIC, NSLDAP_MAGIC_LENGTH);
nsldap_fmt_plug.c-95-   return 0;
nsldap_fmt_plug.c-96-}

A valid hash looks like this: {SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=

unused/weird_another_fmt_plug.c:86:static int valid(char *ciphertext,
struct fmt_main *self)
unused/weird_another_fmt_plug.c-87-{
unused/weird_another_fmt_plug.c-88-     if (strncmp(ciphertext,
"$weird$", 7) != 0)
unused/weird_another_fmt_plug.c-89-             return 0;
unused/weird_another_fmt_plug.c-90-     return 1;
unused/weird_another_fmt_plug.c-91-}

As long as this format is unused, this probably doesn't matter.

unused/weird_fmt_plug.c:65:static int valid(char *ciphertext, struct
fmt_main *self)
unused/weird_fmt_plug.c-66-{
unused/weird_fmt_plug.c-67-     // format
$weird$version*salt*iterations*hash
unused/weird_fmt_plug.c-68-     if (strncmp(ciphertext, "$weird$", 7) != 0)
unused/weird_fmt_plug.c-69-             return 0;
unused/weird_fmt_plug.c-70-     return 1;
unused/weird_fmt_plug.c-71-}

(unused as well)

vms_fmt_plug.c:60:static int valid(char *ciphertext, struct fmt_main *self )
vms_fmt_plug.c-61-{
vms_fmt_plug.c-62-      if (strncmp(ciphertext, "$V$", 3)) return 0;
/* no match */
vms_fmt_plug.c-63-      if ( strlen ( ciphertext ) < (UAF_ENCODE_SIZE-1) )
vms_fmt_plug.c-64-              return 0;
vms_fmt_plug.c-65-      return 1;
vms_fmt_plug.c-66-}


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ