Date: Wed, 27 May 2015 15:43:55 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Fuzzing Report on external mode

1. How to fuzz
--------------------

There are several conf files in JOHN/run. Split each external mode into its
own file.

$ ls external_conf
awepasswordgenerator.conf
datetime.conf
dokuwiki.conf
double_all.conf
double_alnum.conf
double.conf
dumbdumb.conf
dumbforce.conf
kdepaste.conf
keyboard.conf
knownforce.conf
lanman.conf
others.conf
repeat_digits.conf
repeats.conf
repeats_lowercase.conf
repeats_printable_ASCII.conf
sequence_0-9.conf
sequence_a-z.conf
sequence.conf
sequence_printable_ascii.conf
sequence_reversed_ascii.conf
sequence_z-a.conf
strip.conf
subset.conf

Change the external mode of each file to "List.External:lanman"

$ cat test_pw
$apr1$a2Jqm...$grFrwEgiQleDr0zR4Jx1b.

fuzzer status

start_time     : 1432366185
last_update    : 1432598766
fuzzer_pid     : 19017
cycles_done    : 0
execs_done     : 8232393
execs_per_sec  : 71.89
paths_total    : 886
paths_found    : 861
paths_imported : 0
max_depth      : 3
cur_path       : 132
pending_favs   : 239
pending_total  : 873
variable_paths : 0
bitmap_cvg     : 3.47%
unique_crashes : 87
unique_hangs   : 94
last_path      : 1432561540
last_crash     : 1432504837
last_hang      : 1432581563
exec_timeout   : 120
afl_banner     : john
afl_version    : 1.79b
command_line   : afl-fuzz -m none -i external_conf/ -o out ../john test_pw --format=md5crypt --external=lanman --config=@@


2. Bug analysis
--------------------

I created 5 issues on GitHub, but there may be only two bugs.
The bugs are **core john bugs**.

Segmentation fault, heap buffer overflow and global buffer overflow:
(The 4 issues may be caused by the same bug)

https://github.com/magnumripper/JohnTheRipper/issues/1358
https://github.com/magnumripper/JohnTheRipper/issues/1360
https://github.com/magnumripper/JohnTheRipper/issues/1363
https://github.com/magnumripper/JohnTheRipper/issues/1364

Floating point exception:

https://github.com/magnumripper/JohnTheRipper/issues/1362


Thanks,

Kai
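
The seed-preparation step described in section 1 (one file per external mode, each section renamed to "List.External:lanman" so a single --external=lanman works for every seed) could be scripted as follows. This is an added example, not code from the post or from the John the Ripper project; the function names, the constructed sample config and the lower-case file naming are assumptions.

```python
import re
from pathlib import Path

# A line of the form "[List.External:NAME]" opens an external mode section.
EXTERNAL = re.compile(r"^\[List\.External:([^\]]+)\]\s*$", re.IGNORECASE)
SECTION = re.compile(r"^\[[^\]]*\]\s*$")  # any other section header

# Constructed sample input, not taken from a real john.conf.
SAMPLE_CONF = """\
[Options]
Wordlist = $JOHN/password.lst

[List.External:Double]
void filter()
{
	word[1] = 0;
}

[List.External:Keyboard]
void generate() { word[0] = 'q'; word[1] = 0; }
"""

def split_external_modes(conf_text, target="lanman"):
    """Return {seed filename: seed text}, one seed per external mode, each
    with its header renamed to [List.External:<target>]."""
    sections, current = [], None
    for line in conf_text.splitlines(keepends=True):
        m = EXTERNAL.match(line)
        if m:
            current = (m.group(1), [])
            sections.append(current)
        elif SECTION.match(line):
            current = None  # e.g. [Options]: not a seed, skip its body
        elif current is not None:
            current[1].append(line)
    seeds = {}
    for name, body in sections:
        # Section names come from the config; keep path syntax out of them.
        fname = re.sub(r"[^a-z0-9_.-]", "_", name.lower()) + ".conf"
        seeds[fname] = f"[List.External:{target}]\n" + "".join(body)
    return seeds

def write_seeds(seeds, out_dir):
    """Write each seed into out_dir (the directory later given to afl-fuzz -i)."""
    out = Path(out_dir)
    out.mkdir(parents=True, exist_ok=True)
    for fname, text in seeds.items():
        (out / fname).write_text(text)
    return sorted(p.name for p in out.iterdir())

if __name__ == "__main__":
    print(write_seeds(split_external_modes(SAMPLE_CONF), "external_conf"))
```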
