Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 20 Sep 2015 23:02:41 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Regression problem from john-huge-prefetch.diff

Solar,

I get a segfault (after a while, and after cracking a good number) using 
single mode with LM. Bisected it to a2294f9f which is 
john-huge-prefetch.diff. So I tried just defining CRK_PREFETCH to 0 in 
current code - and problem goes away.

Here's how it looks in lldb:

Process 74950 stopped
* thread #1: tid = 0x189a9a, 0x00000001000065c8 
john`DES_bs_cmp_one(binary=0x0000000000000000, count=64, 
index=<unavailable>) + 8 at DES_bs.c:531, queue = 
'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
     frame #0: 0x00000001000065c8 
john`DES_bs_cmp_one(binary=0x0000000000000000, count=64, 
index=<unavailable>) + 8 at DES_bs.c:531
    528 			return 0;
    529 	
    530 	/* Start by comparing bits that are not part of get_hash*() 
return value */
-> 531 		CMP_BIT(30);
    532 		CMP_BIT(31);
    533 	/* These three overlap with DES_bs_get_hash_6t() return value, 
unfortunately */
    534 		CMP_BIT(27);
(lldb) bt
* thread #1: tid = 0x189a9a, 0x00000001000065c8 
john`DES_bs_cmp_one(binary=0x0000000000000000, count=64, 
index=<unavailable>) + 8 at DES_bs.c:531, queue = 
'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
   * frame #0: 0x00000001000065c8 
john`DES_bs_cmp_one(binary=0x0000000000000000, count=64, 
index=<unavailable>) + 8 at DES_bs.c:531
     frame #1: 0x00000001002c5a09 
john`crk_password_loop(salt=0x0000000103142368) + 1401 at cracker.c:818
     frame #2: 0x00000001002c6c80 
john`crk_process_salt(salt=0x0000000103142368) + 624 at cracker.c:955
     frame #3: 0x00000001002ef602 
john`single_process_buffer(salt=0x0000000103142368) + 18 at single.c:260
     frame #4: 0x00000001002efaf6 john`do_single_crack(db=<unavailable>) 
+ 982 at single.c:326
     frame #5: 0x00000001002d2ce6 john`john_run + 1148 at john.c:1589
     frame #6: 0x00000001002d35c8 john`main(argc=4, 
argv=0x00007fff5fbffa98) + 1039 at john.c:1879
     frame #7: 0x00007fff87e0f5c9 libdyld.dylib`start + 1
     frame #8: 0x00007fff87e0f5c9 libdyld.dylib`start + 1


magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.