Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 8 Jan 2014 05:19:10 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: 7z2john.py removal of some broken code

magnum, Dhiru -

As discussed with Dhiru off-list, 7z2john.py fails with:

  File "./JohnTheRipper/run/7z2john.py", line 810, in __init__
    if not self.checkcrc(folder.crc, data[0:size]):
UnboundLocalError: local variable 'size' referenced before assignment

at least on archives that start with some unencrypted files followed by
encrypted files with no header encryption.  We don't support encrypted
archives with no header encryption yet, but we should at least fail
gracefully - and we do with the attached patch.

I've also verified that the output from 7z2john.py stays the same (after
applying the patch) for an archive with header encryption (which we do
support).

Please apply.

There's still a lot more of broken/unused code in this script, and we do
need to add support for archives with no header encryption, as well as
for archives with simultaneous use of different encryption types
(headers encrypted vs. not) and/or with different passwords for
different files.  This gets tricky.  Someone else (not me) should work
on it.  BTW, I think 7-Zip calls these differently processed things
"blocks".  Extra blocks may be created by appending to a previously
created archive, so I think this is where (in terms of user interface)
such weird archives come from in the wild.

Alexander

View attachment "7z2john.diff" of type "text/plain" (1820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ