Date: Mon, 3 Aug 2015 16:01:14 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: more robustness

Hi Alexander,

On Sun, Jul 5, 2015 at 12:34 AM, Solar Designer <solar@...nwall.com> wrote:
>
> So when max_keys_per_crypt is higher than 1, and it usually is, the
> current self-test would only test one key at a time anyway.  This means
> that computation for other key indices is left untested.  This is
> mitigated by testing multiple key indices like that:
>
> /* 0 1 2 3 4 6 9 13 19 28 42 63 94 141 211 316 474 711 1066 ... */
>                 if (index >= 2 && max > ntests)
>                         index += index >> 1;
>                 else
>                         index++;
>
> but as you can see this does not result in an exhaustive set of indices,
> and it is very wasteful (e.g., 712 passwords are hashed, most of them
> uninitialized, to test only one index 711).
>

I may have found a bug as you described. It cracks when there is only 1 password,
but it fails when there is more than 1 password.

Below is the detailed description.

1. Format = Oracle12C

static struct fmt_tests tests[] = {
        {"$oracle12c$e3243b98974159cc24fd2c9a8b30ba62e0e83b6ca2fc7c55177c3a7f82602e3bdd17ceb9b9091cf9dad672b8be961a9eac4d344bdba878edc5dcb5899f689ebd8dd1be3f67bff9813a464382381ab36b", "epsilon"},
        {NULL}
};

2. Run self-test (PASS)

$ ../john --test=0 --format=oracle12c
Will run 8 OpenMP threads
Testing: Oracle12C [PBKDF2-SHA512 256/256 AVX2 4x]... (8xOMP) PASS

3. Run with wordlist which has only 1 password (Cracked)

$ cat pwfile.oracle12c
$oracle12c$e3243b98974159cc24fd2c9a8b30ba62e0e83b6ca2fc7c55177c3a7f82602e3bdd17ceb9b9091cf9dad672b8be961a9eac4d344bdba878edc5dcb5899f689ebd8dd1be3f67bff9813a464382381ab36b

$ cat password.lst
epsilon

$ rm ../john.pot && ../john pwfile.oracle12c --format=oracle12c --skip-self-test --wordlist=password.lst

Using default input encoding: UTF-8
Loaded 1 password hash (Oracle12C [PBKDF2-SHA512 256/256 AVX2 4x])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
oracle12c_fmt_plug.c:252 set_key(key='epsilon', index=0)
oracle12c_fmt_plug.c:183 crypt_all(*pcount=1)
oracle12c_fmt_plug.c:229 cmp_all(count=1)
epsilon          (?)
1g 0:00:00:00 DONE (2015-08-03 15:52) 100.0g/s 100.0p/s 100.0c/s 100.0C/s epsilon
Use the "--show" option to display all of the cracked passwords reliably
Session completed

4. Run with wordlist which has two passwords (Failed)

$ cat password.lst
123
epsilon

$ rm ../john.pot && ../john pwfile.oracle12c --format=oracle12c --skip-self-test --wordlist=password.lst

Using default input encoding: UTF-8
Loaded 1 password hash (Oracle12C [PBKDF2-SHA512 256/256 AVX2 4x])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
oracle12c_fmt_plug.c:252 set_key(key='123', index=0)
oracle12c_fmt_plug.c:252 set_key(key='epsilon', index=1)
oracle12c_fmt_plug.c:183 crypt_all(*pcount=2)
oracle12c_fmt_plug.c:229 cmp_all(count=2)
0g 0:00:00:00 DONE (2015-08-03 15:54) 0g/s 200.0p/s 200.0c/s 200.0C/s 123..epsilon
Session completed

So is this a bug?

This was found by --test-full.

        format->methods.clear_keys();
        for (i = 0; i < max - 1; i++) {
                char *pCand = longcand(format, i, ml);
                fmt_set_key(pCand, i);
        }
        fmt_set_key(current->plaintext, max - 1);

Then try crypt_all(&max, NULL), then cmp_all(...). Oracle12C is the
only one which failed.


Thanks,

Kai
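
Added example, not part of the original message and not John the Ripper code: a toy model of the two self-test strategies discussed in this thread, showing how the sparse index walk (0 1 2 3 4 6 ...) can pass a format that a full batch with the real plaintext at max - 1 catches. Everything here is an assumption made for illustration: the toy format, FNV-1a in place of the real KDF, MAX_KEYS, LANES, and the constructed defect, which is not the Oracle12C bug (the message does not identify its cause).

```c
#include <string.h>

#define MAX_KEYS 8	/* assumed max_keys_per_crypt of the toy format */
#define LANES 4		/* assumed SIMD group width */

static char keys[MAX_KEYS][16];
static unsigned out[MAX_KEYS];
int buggy = 1;		/* 1 = constructed defect enabled, 0 = correct */
static void set_key(const char *k, int i) { strncpy(keys[i], k, 15); }

/* FNV-1a over n bytes, standing in for the real KDF */
unsigned toy_hash(const char *s, size_t n)
{
	unsigned h = 2166136261u;
	while (n--)
		h = (h ^ (unsigned char)*s++) * 16777619u;
	return h;
}

/* Constructed defect: each lane takes its key length from lane 0 of its group */
static void crypt_all(int count)
{
	for (int i = 0; i < count; i++)
		out[i] = toy_hash(keys[i], strlen(keys[buggy ? i - i % LANES : i]));
}

/* Sparse walk: one real key per tested index, earlier slots keep what they held */
int sparse_selftest(const char *plain, unsigned target)
{
	memset(keys, 0, sizeof(keys));
	for (int index = 0; index < MAX_KEYS; index += (index >= 2) ? (index >> 1) : 1) {
		set_key(plain, index);
		crypt_all(index + 1);
		if (out[index] != target) return 0;
	}
	return 1;
}

/* Full batch: distinct 15-byte fillers in 0..max-2, the real plaintext at max-1 */
int full_selftest(const char *plain, unsigned target)
{
	memset(keys, 0, sizeof(keys));
	for (int i = 0; i < MAX_KEYS - 1; i++)
		set_key("0123456789abcdefghijkl" + i, i);
	set_key(plain, MAX_KEYS - 1);
	crypt_all(MAX_KEYS);
	for (int i = 0; i < MAX_KEYS; i++)
		if (out[i] == target) return 1;
	return 0;
}
```

With buggy set to 1 the sparse walk passes because every slot it leaves behind holds the same test plaintext, while the full batch fails; with buggy set to 0 both pass.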
