Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 8 Jan 2014 05:19:10 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: 7z2john.py removal of some broken code

magnum, Dhiru -

As discussed with Dhiru off-list, 7z2john.py fails with:

  File "./JohnTheRipper/run/7z2john.py", line 810, in __init__
    if not self.checkcrc(folder.crc, data[0:size]):
UnboundLocalError: local variable 'size' referenced before assignment

at least on archives that start with some unencrypted files followed by
encrypted files with no header encryption.  We don't support encrypted
archives with no header encryption yet, but we should at least fail
gracefully - and we do with the attached patch.

I've also verified that the output from 7z2john.py stays the same (after
applying the patch) for an archive with header encryption (which we do
support).

Please apply.

There's still a lot more of broken/unused code in this script, and we do
need to add support for archives with no header encryption, as well as
for archives with simultaneous use of different encryption types
(headers encrypted vs. not) and/or with different passwords for
different files.  This gets tricky.  Someone else (not me) should work
on it.  BTW, I think 7-Zip calls these differently processed things
"blocks".  Extra blocks may be created by appending to a previously
created archive, so I think this is where (in terms of user interface)
such weird archives come from in the wild.

Alexander

diff --git a/run/7z2john.py b/run/7z2john.py
index 54cdcbc..9a2f9be 100755
--- a/run/7z2john.py
+++ b/run/7z2john.py
@@ -31,6 +31,9 @@ from binascii import unhexlify
 from datetime import datetime
 try:
     import pylzma
+# To install pylzma on Ubuntu:
+# apt-get install python-pip python-dev
+# pip install pylzma # may do as non-root user in group staff
 except ImportError:
     pass
 from struct import pack, unpack
@@ -801,16 +804,16 @@ class Archive7z(Base):
                         # print flds.packed_indexes, flds.totalout
                         # XXX return can't be right
                         return
-                else:
-                    for idx in range(len(streams.packinfo.packsizes)):
-                        tmp = file.read(streams.packinfo.packsizes[idx])
-                        data += pylzma.decompress(props+tmp, maxlength=folder.unpacksizes[idx])
-
-                if folder.digestdefined:
-                    if not self.checkcrc(folder.crc, data[0:size]):
-                        raise FormatError('invalid block data')
-                    # XXX return can't be right
-                    return
+#               else:
+#                   for idx in range(len(streams.packinfo.packsizes)):
+#                       tmp = file.read(streams.packinfo.packsizes[idx])
+#                       data += pylzma.decompress(props+tmp, maxlength=folder.unpacksizes[idx])
+#
+#               if folder.digestdefined:
+#                   if not self.checkcrc(folder.crc, data[0:size]):
+#                       raise FormatError('invalid block data')
+#                   # XXX return can't be right
+#                   return
 
         # XXX this part is not done yet
         sys.stderr.write("%s : 7-Zip files without header encryption are *not* supported yet!\n" % (file.name))

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ