Date: Sat, 15 Aug 2015 10:33:57 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags

Hi Alexander,

On Fri, Aug 7, 2015 at 1:01 AM, Solar Designer <solar@...nwall.com> wrote:
> Kai,
>
> On Mon, Jul 27, 2015 at 11:24:21AM +0200, magnum wrote:
>> On 2015-07-27 09:48, Kai Zhao wrote:
>> >$ ./john --test=0 --format=LM
>> >Will run 8 OpenMP threads
>> >Testing: LM [DES 256/256 AVX2-16]... (8xOMP) PASS
>> >
>> >Change the first password: "AAAAAA" -> "AAAAAa"
>> >
>> >$ ./john --test=0 --format=LM
>> >Will run 8 OpenMP threads
>> >Testing: LM [DES 256/256 AVX2-16]... (8xOMP) FAILED (get_key(0))
>>
>> The format DOES change the case to upper but since the test vector still
>> has it in lower, it fails. This is just a current technical aspect of
>> self-tests, you can ignore it.
>
> As magnum correctly pointed out, your test is sort of wrong.  It detects
> that get_key() isn't returning the key that was previously set.  For LM,
> that's deliberate: the key is visibly converted to uppercase, and we
> want it written to john.pot that way.  In order not to trigger this
> detection on our normal self-test, we provide all of the test vectors
> with already all-uppercase passwords.  There's certainly room for
> improvement here: to be able to self-test the uppercasing and truncation
> at length 7, yet check that get_key() returns mostly the same password,
> modulo case and truncation (check for the flags and max length first).
> An improvement like that would apply to our old, quick self-test as
> well.  Then we'd be able to list test vectors that would be meant to be
> uppercased and truncated.
>
> As to your --test-full also detecting this non-issue, this appears to be
> due to the get_key() check included in is_key_right() even when called
> from test_fmt_case(), test_fmt_8_bit(), and fmt_self_test_full_body().
> You need to either have the get_key() check skipped when invoked from
> there, or enhance it as I have described above.

Hope the following patch can solve the two problems.

https://github.com/magnumripper/JohnTheRipper/pull/1664/files


Thanks,

Kai
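
Added example, not part of the message above or of the linked pull request: one way to write the relaxed get_key() comparison described in the quoted reply, checking the flags and maximum length first and then comparing modulo case and truncation. The function name `key_matches` and the `EX_FMT_*` flag bits are hypothetical stand-ins with constructed values, not John the Ripper's own definitions.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Stand-in flag bits for this example; values are constructed, not JtR's. */
#define EX_FMT_CASE  0x1u  /* format is case-sensitive */
#define EX_FMT_TRUNC 0x2u  /* format truncates keys at max_len */

/*
 * Return 1 if `got` (what get_key() returned) is an acceptable form of
 * `set` (what was passed to set_key()) for a format with these flags.
 */
int key_matches(const char *set, const char *got, unsigned flags, size_t max_len)
{
    size_t set_len = strlen(set);
    size_t got_len = strlen(got);
    size_t i;

    /* Flags and max length first: truncation is tolerated only when
     * the format declares it. */
    if (set_len > max_len) {
        if (!(flags & EX_FMT_TRUNC))
            return 0;
        set_len = max_len;
    }
    if (got_len != set_len)
        return 0;

    for (i = 0; i < set_len; i++) {
        unsigned char a = (unsigned char)set[i];
        unsigned char b = (unsigned char)got[i];

        if (flags & EX_FMT_CASE) {
            if (a != b)          /* case-sensitive: exact match only */
                return 0;
        } else if (toupper(a) != toupper(b)) {
            return 0;            /* case-insensitive: differ beyond case */
        }
    }
    return 1;
}

int main(void)
{
    /* Constructed sample: the LM case from the thread (not case-sensitive,
     * truncating at 7), key set as "AAAAAa", get_key() returns "AAAAAA". */
    return key_matches("AAAAAa", "AAAAAA", EX_FMT_TRUNC, 7) ? 0 : 1;
}
```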
