Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 28 Oct 2014 21:10:37 +0100
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-dev@...ts.openwall.com
Subject: segfaults in eigrp, hsrp, KeePass, skey, and SSH-ng

Hi all,

since the github issue tracker
https://github.com/magnumripper/JohnTheRipper/issues/ doesn't allow file
upload, I attach a fail.tgz with this contents:

$ tar tvzf fail.tgz     
drwxrwxr-x fd/fd             0 2014-10-28 21:06 fail/
-rw-rw-r-- fd/fd          4355 2014-10-27 18:36 fail/fail_eigrp.pw
-rw-rw-r-- fd/fd         10034 2014-10-27 18:56 fail/fail_skey.pw
-rw-rw-r-- fd/fd          2720 2014-10-27 19:01 fail/fail_SSH-ng.pw
-rw-rw-r-- fd/fd          4167 2014-10-28 21:06 fail/fail_hsrp.pw
-rw-rw-r-- fd/fd          1444 2014-10-27 18:46 fail/fail_KeePass.pw

Each of these files contains a single test hash which causes the
corresponding format to segfault, so valid() needs to be improved.
These formats do have either a format2john.py or format2john converter,
which most likely create hashes that don't cause segfaults.
Nevertheless, john shouldn't segfault on these input files.
Just call john with the fail/fail_<format>.pw file name as the only
parameter to reproduce the segfault.

Frank


Download attachment "fail.tgz" of type "application/x-gzip" (2931 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ