Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 17 Aug 2012 15:59:26 +0200
From: magnum <>
Subject: pixMD5 promiscuous valid()


When loading RAR hashes (format $RAR3$*1*f26be7b74ce9860e*c3...), I get

Warning: only loading hashes of type "rar", but also saw type "pix-md5"
Use the "--format=pix-md5" option to force loading hashes of that type

When looking into it, it seems pixMD5's valid() is too promiscuous. I
suppose I could do this for now:

diff --git a/src/pixMD5_fmt_plug.c b/src/pixMD5_fmt_plug.c
index 9223c4b..64537b8 100644
--- a/src/pixMD5_fmt_plug.c
+++ b/src/pixMD5_fmt_plug.c
@@ -69,7 +69,7 @@ static int valid(char *ciphertext, struct fmt_main
*self) {
                return 0;
        i = strlen(ciphertext);
-       if (i > CIPHERTEXT_LENGTH)
+       if (i == CIPHERTEXT_LENGTH + 12) // "$dynamic_19$" is 12 characters
                return pDynamic_19->methods.valid(ciphertext, pDynamic_19);
        if (i == CIPHERTEXT_LENGTH)
                return pDynamic_19->methods.valid(Convert(Conv_Buf,
ciphertext), pDynamic_19);

Is this correct? I suppose it is. Anyway, it would be better to actually
check for the base64 alphabet (after checking for the $dynamic_19$ tag).

I'll wait with comitting anything in case you want to do something
better than the above.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.