Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 6 Aug 2015 19:12:26 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags

Kai, magnum -

On Sat, Aug 01, 2015 at 11:41:54PM +0800, Kai Zhao wrote:
>  FMT_8_BIT problems.
> 
> format          = bsdicrypt
> FMT_8_BIT = no
> 
> 1. original test vector
> 
> static struct fmt_tests tests[] = {
>         {"_J9..CCCCXBrJUJV154M", "U*U*U*U*"},
>         {"_J9..CCCCXUhOBTXzaiE", "U*U***U"},
>         {"_J9..CCCC4gQ.mB/PffM", "U*U***U*"},
>         {"_J9..XXXXvlzQGqpPPdk", "*U*U*U*U"},
>         {"_J9..XXXXsqM/YSSP..Y", "*U*U*U*U*"},
>         {"_J9..XXXXVL7qJCnku0I", "*U*U*U*U*U*U*U*U"},
>         {"_J9..XXXXAj8cFbP5scI", "*U*U*U*U*U*U*U*U*"},
>         {"_J9..SDizh.vll5VED9g", "ab1234567"},
>         {"_J9..SDizRjWQ/zePPHc", "cr1234567"},
>         {"_J9..SDizxmRI1GjnQuE", "zxyDPWgydbQjgq"},
>         {"_K9..SaltNrQgIYUAeoY", "726 even"},
>         {"_J9..SDSD5YGyRCr4W4c", ""},
>         {NULL}
> };
> 
> test result = PASS
> 
> 2. Change some passwords. 'U' -> '\xD5', '*' -> '\xAA'
> 
> static struct fmt_tests tests[] = {
>         {"_J9..CCCCXBrJUJV154M", "\xD5*U*U*U*"},
>         {"_J9..CCCCXUhOBTXzaiE", "\xD5*U***U"},
>         {"_J9..CCCC4gQ.mB/PffM", "\xD5*U***U*"},
>         {"_J9..XXXXvlzQGqpPPdk", "\xAAU*U*U*U"},
>         {"_J9..XXXXsqM/YSSP..Y", "*U*U*U*U*"},
>         {"_J9..XXXXVL7qJCnku0I", "*U*U*U*U*U*U*U*U"},
>         {"_J9..XXXXAj8cFbP5scI", "*U*U*U*U*U*U*U*U*"},
>         {"_J9..SDizh.vll5VED9g", "ab1234567"},
>         {"_J9..SDizRjWQ/zePPHc", "cr1234567"},
>         {"_J9..SDizxmRI1GjnQuE", "zxyDPWgydbQjgq"},
>         {"_K9..SaltNrQgIYUAeoY", "726 even"},
>         {"_J9..SDSD5YGyRCr4W4c", ""},
>         {NULL}
> };
> 
> test result = PASS
> 
> 3. Change some passwords. 'U' -> '\xD5', '*' -> '\xAA'
> static struct fmt_tests tests[] = {
>         {"_J9..CCCCXBrJUJV154M", "\xD5*U*U*U*"},
>         {"_J9..CCCCXUhOBTXzaiE", "\xD5*U***U"},
>         {"_J9..CCCC4gQ.mB/PffM", "\xD5*U***U*"},
>         {"_J9..XXXXvlzQGqpPPdk", "\xAAU*U*U*U"},
>         {"_J9..XXXXsqM/YSSP..Y", "\xAAU*U*U*U*"}, // Change this
>         {"_J9..XXXXVL7qJCnku0I", "*U*U*U*U*U*U*U*U"},
>         {"_J9..XXXXAj8cFbP5scI", "*U*U*U*U*U*U*U*U*"},
>         {"_J9..SDizh.vll5VED9g", "ab1234567"},
>         {"_J9..SDizRjWQ/zePPHc", "cr1234567"},
>         {"_J9..SDizxmRI1GjnQuE", "zxyDPWgydbQjgq"},
>         {"_K9..SaltNrQgIYUAeoY", "726 even"},
>         {"_J9..SDSD5YGyRCr4W4c", ""},
>         {NULL}
> };
> 
> test result = FAILED
> 
> 
> Conclusion: There is one passwords which does not ignore the 8th bit,
> So should we add FMT_8_BIT flag ?

No.  There was a bug in the code, fixed with the attached patch.
magnum - since this is core code, I will also commit this change to core.

With this fix, john is able to crack a test password with 8-bit chars
beyond the 8th position that I generated with crypt() from Perl on an
Owl system (thus, using the FreeSec code in Owl's glibc).  Without the
fix, it didn't crack that password.  Testing against more
implementations of bsdicrypt (such as against the original one in
BSD/OS) would be preferable.

Thanks,

Alexander

View attachment "john-bsdicrypt-8bit.diff" of type "text/plain" (924 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.