Date: Mon, 10 Sep 2012 19:36:29 +0200 From: magnum <john.magnum@...hmail.com> To: john-dev@...ts.openwall.com Subject: Re: Cracking Office 2013 files with JtR On 2012-09-10 18:55, Dhiru Kholia wrote: > On Mon, Sep 10, 2012 at 10:13 PM, magnum <john.magnum@...hmail.com> wrote: >> On 2012-09-10 18:34, Dhiru Kholia wrote: >>> DeriveKey function can be changed so that it writes to a given static >>> buffer (Office 2010 and 2013 code path do it this way). No possibility >>> of memory leak then. >>> >>> (3) Same applied for "static unsigned char* >>> GeneratePasswordHashUsingSHA1" function. All alloc's are gone now. >> BTW, I just now committed some assertions (well, just warning output) in >> case DeriveKey() ends up not returning X1. Could that happen at all? If >> not, no harm done. If it *can* happen, we will now rather warn than >> segfault :) > > I agree. At the end of DeriveKey following comment is present, > > /* TODO: finish up this function */ > return NULL; > > So far, I have not hit this part of the code ;) On second thought I think I'll change it to bail out with error(). This way, if we ever hit that, we'll have a .rec file that can reproduce the fault. >> I'll also verify all test hashes Rich supplied, or did you do that already? > > IIRC I have tested "most" of Rich's test hashes but it would be great > if you could add them to format's self-test (along with file name for > tracking purposes). Thanks!. I tested my fixes against all those hashes with and without OMP. All seems fine. I'll include them in self-tests too soon. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.