john-dev - Fuzzing Report on 2john tools

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Date: Tue, 19 May 2015 09:39:01 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Fuzzing Report on 2john tools

There are 62  2john tools, 35 tools are by python, 7 tools are by perl, 20
tools are by C. So I tested the 20 C tools, since afl only support C/C++.

Among the 20 C tools, there are 12 tools with bugs:

gpg2john
keepass2john
keyring2john
keystore2john
kwallet2john
luks2john
pwsafe2john
rar2john
ssh2john
vncpcap2john
wpapcap2john
zip2john

general bugs analysis
-----------------------------

1. buffer overflow

https://github.com/magnumripper/JohnTheRipper/pull/1312

2. heap buffer overflow

Such as, forget to check the buffer size before fread() put bytes into it.

https://github.com/magnumripper/JohnTheRipper/pull/1326
https://github.com/magnumripper/JohnTheRipper/pull/1313

3. using assert() and it leads to 'Aborted'

https://github.com/magnumripper/JohnTheRipper/pull/1318

4. others

Such as, forget to check return value of jtr_fopen().

https://github.com/magnumripper/JohnTheRipper/pull/1321

Thanks,

Kai

Content of type "text/html" skipped

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.