Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Thu, 28 Aug 2008 05:17:10 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: duplicate guesses with 1.7.3.1-all-2 jumbo patch (was: another bug in john 1.7.3.1?)

I've changed the Subject to be more specific - mention just what the
problem is and what version it pertains to (the jumbo patch, not JtR
itself).  Please try to use short, yet very specific Subjects - not just
"another bug" or the like.

On Wed, Aug 27, 2008 at 12:18:27PM -0400, Adam Turk wrote:
> Loaded 6 password hashes with no different salts (LM DES [32/32 BS])

Are you sure you have used the right/optimal make target for your
system?  What system (hardware, OS, version) are you running JtR on, and
what make target did you use?  I doubt that your CPU is not capable of
at least MMX.

> BB               (b)
> A                (a)
> BB               (b)
...

OK, this does look wrong, and I managed to reproduce the bug.  As I
expected, it is in Simon's largepasswordset patch, which I merged into
the latest jumbo patch.  Please try the attached patch - does it help?

> This is in addition the earlier bug if you try to use john to generate a wordlist. 

No "earlier bug" there.  You have not found a JtR bug so far, but you
have found one in the latest jumbo patch.  Contributed patches, and
consequently the jumbo patch, are sort of expected to be buggy... but I
am fixing really nasty bugs like this one as they're being reported.

Thanks,

Alexander

diff -urp john-1.7.3.1-all-2/src/cracker.c john-1.7.3.1/src/cracker.c
--- john-1.7.3.1-all-2/src/cracker.c	2008-08-24 06:02:12 +0000
+++ john-1.7.3.1/src/cracker.c	2008-08-28 01:00:49 +0000
@@ -133,7 +133,6 @@ static int crk_process_guess(struct db_s
 	log_guess(crk_db->options->flags & DB_LOGIN ? pw->login : "?",
 		dupe ? NULL : pw->source, key);
 
-	pw->found = 1;
 	crk_db->password_count--;
 	crk_db->guess_count++;
 	status.guess_count++;
@@ -147,13 +146,6 @@ static int crk_process_guess(struct db_s
 	if (pw == salt->list) {
 		salt->list = pw->next;
 
-		search_pw = salt->list;
-
-		while(search_pw && (search_pw->found == 1))
-		{
-			salt->list = search_pw->next;
-			search_pw = salt->list;
-		}
 		//ldr_update_salt(crk_db, salt);
 		crk_remove_hash(pw, salt, crk_db);
 
@@ -172,14 +164,13 @@ static int crk_process_guess(struct db_s
 			if (crk_db->salts) crk_init_salt(); else return 1;
 		}
 	} else {
-/*
 		search_pw = salt->list;
 		while (search_pw->next != pw)
 			search_pw = search_pw->next;
-		search_pw->next = pw->next; */
-		crk_remove_hash(pw, salt, crk_db);
+		search_pw->next = pw->next;
 
 		//ldr_update_salt(crk_db, salt);
+		crk_remove_hash(pw, salt, crk_db);
 	}
 
 	return 0;
diff -urp john-1.7.3.1-all-2/src/loader.c john-1.7.3.1/src/loader.c
--- john-1.7.3.1-all-2/src/loader.c	2008-08-24 07:31:10 +0000
+++ john-1.7.3.1/src/loader.c	2008-08-28 01:02:04 +0000
@@ -455,7 +455,6 @@ static void ldr_load_pw_line(struct db_m
 		current_pw = current_salt->list = mem_alloc_tiny(
 			pw_size, MEM_ALIGN_WORD);
 		current_pw->next = last_pw;
-		current_pw->found = 0;
 
 		last_pw = db->password_hash[pw_hash];
 		db->password_hash[pw_hash] = current_pw;
diff -urp john-1.7.3.1-all-2/src/loader.h john-1.7.3.1/src/loader.h
--- john-1.7.3.1-all-2/src/loader.h	2008-08-24 06:02:12 +0000
+++ john-1.7.3.1/src/loader.h	2008-08-28 01:02:14 +0000
@@ -28,9 +28,6 @@ struct db_password {
 /* Some bytes of binary ciphertext for fast comparison */
 	void *binary;
 
-/* checks whether a pwd has been found */
-	unsigned int found;
-
 /* ASCII ciphertext for exact comparison and saving with cracked passwords */
 	char *source;
 
diff -urp john-1.7.3.1-all-2/src/params.h john-1.7.3.1/src/params.h
--- john-1.7.3.1-all-2/src/params.h	2008-08-24 08:01:57 +0000
+++ john-1.7.3.1/src/params.h	2008-08-28 01:03:22 +0000
@@ -15,7 +15,7 @@
 /*
  * John's version number.
  */
-#define JOHN_VERSION			"1.7.3.1-all-2"
+#define JOHN_VERSION			"1.7.3.1-all-2-lpsfix1"
 
 /*
  * Notes to packagers of John for *BSD "ports", Linux distributions, etc.:


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ