Date: Fri, 3 Aug 2012 04:43:45 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Wordlist memory corruption - 1.7.9-jumbo-6

Guth, Jim, magnum -

On Wed, Aug 01, 2012 at 01:14:25PM +0200, Guth wrote:
> It seems that jtr segfaults/corrupts memory on wordlist attacks under some
> circumstances:
> 
> guth[run]$ ./john
> John the Ripper password cracker, ver: 1.7.9-jumbo-6 [linux-x86-64-native]

Yes.  wordlist.c in jumbo is extremely dirty.  I think we should
reimplement all changes made to it (relative to its revision in 1.7.9
release) in a cleaner fashion.

> guth[run]$ cat -e polish_rev_2
> ^Mzciwonakaba$
> ^Mruzaba$

I am able to reproduce the crash using this wordlist, thanks.

The bug appears to be that at first lines are counted looking for just
one of the CR or LF characters, and the words[] array is allocated
accordingly, but then either character terminates the word and thus
requires a words[] array element for the next word.

Alexander
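A model of the mismatch described above, added here as an illustration; it is not code from wordlist.c or from 1.7.9-jumbo-6. The first pass counts only LF as a line terminator and sizes words[] from that count, while the second pass ends a word at either CR or LF, so on a file whose lines carry both characters the tokenizer produces more words than there are slots. The function and variable names and the sample wordlist (built to match the `cat -e` output in the report, with ^M = CR) are my own; the bounded tokenizer reports how many slots it needed instead of writing past the array, so the example runs safely and the overflow shows up as a count rather than a crash.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample in the shape of the reported wordlist: each line starts
 * with a CR and ends with an LF, as "cat -e" showed it (^M followed by $). */
static const char sample_wordlist[] = "\rzciwonakaba\n\rruzaba\n";

/* Buggy first pass (model of the behaviour described in the mail): only LF is
 * counted as a line terminator, so words[] is sized for that many entries. */
size_t count_lines_lf_only(const char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == '\n')
            n++;
    return n;
}

/* Fixed first pass: count exactly what the second pass treats as a terminator,
 * either CR or LF, so every word the tokenizer emits has a slot. A real loader
 * must additionally reserve a slot for a final line with no terminator. */
size_t count_lines_cr_or_lf(const char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == '\n' || buf[i] == '\r')
            n++;
    return n;
}

/* Second pass, shared by both variants: either CR or LF ends a word (an empty
 * word between two terminators still takes a slot). Stores at most `cap`
 * pointers and returns the number of words the input actually contains; a
 * result greater than `cap` is the overflow that an unbounded loop would turn
 * into writes past the end of the heap-allocated words[] array. */
size_t split_words(char *buf, size_t len, char **words, size_t cap)
{
    size_t n = 0, start = 0;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] == '\n' || buf[i] == '\r') {
            if (n < cap) {
                buf[i] = '\0';
                words[n] = buf + start;
            }
            n++;
            start = i + 1;
        }
    }
    return n;
}

/* Size words[] with the given counting pass, then tokenize. Returns 1 if the
 * array held every word, 0 if more slots were needed than allocated, -1 on
 * allocation failure; `needed` and `allocated` receive the two counts. */
int load_wordlist(const char *src, size_t (*count)(const char *, size_t),
                  size_t *needed, size_t *allocated)
{
    size_t len = strlen(src);
    char *buf = malloc(len + 1);
    if (!buf)
        return -1;
    memcpy(buf, src, len + 1);

    size_t cap = count(buf, len);
    char **words = calloc(cap ? cap : 1, sizeof *words);
    if (!words) {
        free(buf);
        return -1;
    }

    size_t n = split_words(buf, len, words, cap);
    if (needed)
        *needed = n;
    if (allocated)
        *allocated = cap;

    free(words);
    free(buf);
    return n <= cap;
}

int main(void)
{
    size_t needed, allocated;
    int ok;

    ok = load_wordlist(sample_wordlist, count_lines_lf_only, &needed, &allocated);
    printf("LF-only count:   allocated %zu, needed %zu -> %s\n",
           allocated, needed, ok ? "ok" : "OVERFLOW");

    ok = load_wordlist(sample_wordlist, count_lines_cr_or_lf, &needed, &allocated);
    printf("CR-or-LF count:  allocated %zu, needed %zu -> %s\n",
           allocated, needed, ok ? "ok" : "OVERFLOW");
    return 0;
}
```

On the two-line sample the LF-only pass allocates 2 slots while the tokenizer emits 4 words (two of them empty, from the leading CR on each line); counting with the same predicate the tokenizer uses brings the two numbers into agreement. The general rule is that the pass that sizes the array and the pass that fills it must share one definition of "terminator", ideally one function, so they cannot drift apart again.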
